Welcome Serena Central users! CLICK HERE
The migration of the Serena Central community is currently underway. Be sure to read THIS MESSAGE to get your new login set up to access your account.
vandepitte Absent Member.
Absent Member.
303 views

es:ldapSearch fails on some (but not all) servers

Hi,

I get "JavaException: com.novell.ldap.LDAPException: Connect Error" on 2
out of 3 IdV servers when calling

es:ldapSearch('localhost','389','cn=admin,dc=admins,dc=system','password','dc=base','sub','(cn=*)','cn,sn')

from a policy... I really don't have a clue where to search for the problem.

* Command line ldapsearch works on all servers using the same connection
params , so there's no fw issue or config problem.
* Compared the settings of all LDAP Server objects in iManager, but they
all seem to have the same settings (at first sight).
* ndstrace doesn't show any incoming connections
* neither does tcpdump: tcpdump -i lo dst port 389

It seems to me that this has nothing to do with a connection problem,
but rather library or api issues

Did anyone ever have similar problems?

Thanks in advance

Pieter
Labels (1)
0 Likes
3 Replies
Anonymous_User Absent Member.
Absent Member.

Re: es:ldapSearch fails on some (but not all) servers

Pieter Vandepitte wrote:

> Hi,
>
> I get "JavaException: com.novell.ldap.LDAPException: Connect Error" on 2 out
> of 3 IdV servers when calling
>
> es:ldapSearch('localhost','389','cn=admin,dc=admins,dc=system','password','dc=
> base','sub','(cn=*)','cn,sn')
>
> from a policy... I really don't have a clue where to search for the problem.


enable full ldap tracing on the ldap server object in imanager and then check
the dstrace output
0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: es:ldapSearch fails on some (but not all) servers

sorry, should've read your post completely before replying...
0 Likes
Knowledge Partner
Knowledge Partner

Re: es:ldapSearch fails on some (but not all) servers

On 2/15/2012 10:56 AM, Pieter Vandepitte wrote:
> Hi,
>
> I get "JavaException: com.novell.ldap.LDAPException: Connect Error" on 2
> out of 3 IdV servers when calling
>
> es:ldapSearch('localhost','389','cn=admin,dc=admins,dc=system','password','dc=base','sub','(cn=*)','cn,sn')
>
>
> from a policy... I really don't have a clue where to search for the
> problem.


Haha! Aaron figured this one out for us! This is a great example of
someone troubleshooting something really well!

Had this. There is a JAR that is part of the User App driver that
includes an older version of the LDAP Java classes that Lothar calls.

I suck at Bugzilla searching, but I am sure Aaron can find it.

Scratch that, found it.

https://bugzilla.novell.com/show_bug.cgi?id=668201
or maybe this one:
https://bugzilla.novell.com/show_bug.cgi?id=663378

The servers it works on will NOT have the User App driver JAR (or
support JAR)

xcd-all.jar is the culprit.


> * Command line ldapsearch works on all servers using the same connection
> params , so there's no fw issue or config problem.
> * Compared the settings of all LDAP Server objects in iManager, but they
> all seem to have the same settings (at first sight).
> * ndstrace doesn't show any incoming connections
> * neither does tcpdump: tcpdump -i lo dst port 389
>
> It seems to me that this has nothing to do with a connection problem,
> but rather library or api issues
>
> Did anyone ever have similar problems?
>
> Thanks in advance
>
> Pieter


0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.