Anonymous_User Absent Member.
Absent Member.
4369 views

iFolder 2.1.8 - ldap_simple_bind : Can't contact LDAP server(81)

We are running NetWare 6.5 SP6 with Apache 2.0.59 and iFolder 2.1.8.
iFolder was working fine for a month or so, until I installed MySQL
(although, I'm not 100% sure that this is when iFolder stopped working).
I tried uninstalling MySQL in an attempt to resolve the problem, but users
still receive an "Authentication Failed" error message on the client side.

I'm not sure if this is related to the problem (I remember seeing these
messages before connectivity became broken), but when Apache first loads,
these messages appear:

>20:58:50 20:58:50 Root certificate file for master ldap not found.

Requesting a new one from server.
>20:58:50 20:58:50 NIF CertHandler: Retrieved certificate of size=1324.


Once Apache has been running for a minute or two, the following error
messages repeat on the Apache server console (ignore the timestamp and
dnsname.com, I manually typed the errors so I copied/pasted the time and I
removed our actual dns name):

20:20:35 *MASTER[dnsname.com][-1] ldap_simple_bind : Can't contact LDAP
server(81)
20:20:35 *MASTER[dnsname.com][0] ldap_simple_bind : Can't contact LDAP
server(81)
20:20:35 *MASTER[dnsname.com][1] ldap_simple_bind : Can't contact LDAP
server(81)
20:20:35 *MASTER[dnsname.com][2] ldap_simple_bind : Can't contact LDAP
server(81)
20:20:35 *MASTER[dnsname.com][3] ldap_simple_bind : Can't contact LDAP
server(81)
20:20:35 *MASTER[dnsname.com][4] ldap_simple_bind : Can't contact LDAP
server(81)
20:20:35 *MASTER[dnsname.com][5] ldap_simple_bind : Can't contact LDAP
server(81)
20:20:35 *MASTER[dnsname.com][6] ldap_simple_bind : Can't contact LDAP
server(81)
20:20:35 *MASTER[dnsname.com][7] ldap_simple_bind : Can't contact LDAP
server(81)
20:20:35 ldap *MASTER[dnsname.com] connection restored
20:20:35 iFolder_ldap01[dnsname.com][-1] ldap_simple_bind : Can't contact
LDAP server(81)
20:20:35 iFolder_ldap01[dnsname.com][0] ldap_simple_bind : Can't contact
LDAP server(81)
20:20:35 iFolder_ldap01[dnsname.com][1] ldap_simple_bind : Can't contact
LDAP server(81)
20:20:35 iFolder_ldap01[dnsname.com][2] ldap_simple_bind : Can't contact
LDAP server(81)
20:20:35 iFolder_ldap01[dnsname.com][3] ldap_simple_bind : Can't contact
LDAP server(81)
20:20:35 iFolder_ldap01[dnsname.com][4] ldap_simple_bind : Can't contact
LDAP server(81)
20:20:35 iFolder_ldap01[dnsname.com][5] ldap_simple_bind : Can't contact
LDAP server(81)
20:20:35 iFolder_ldap01[dnsname.com][6] ldap_simple_bind : Can't contact
LDAP server(81)
20:20:35 iFolder_ldap01[dnsname.com][7] ldap_simple_bind : Can't contact
LDAP server(81)
20:20:35 ldap iFolder_ldap01[dnsname.com] connection restored
20:20:35 *MASTER[dnsname.com][-1] ldap_simple_bind : Can't contact LDAP
server(81)
20:20:35 ldap *MASTER[dnsname.com] down
20:20:35 ldap *MASTER[dnsname.com] down
20:20:35 iFolder_ldap01[dnsname.com][-1] ldap_simple_bind : Can't contact
LDAP server(81)
20:20:35 iFolder_ldap01[dnsname.com][0] ldap_simple_bind : Can't contact
LDAP server(81)
20:20:35 iFolder_ldap01[dnsname.com][1] ldap_simple_bind : Can't contact
LDAP server(81)
20:20:35 iFolder_ldap01[dnsname.com][2] ldap_simple_bind : Can't contact
LDAP server(81)
20:20:35 iFolder_ldap01[dnsname.com][3] ldap_simple_bind : Can't contact
LDAP server(81)
20:20:35 iFolder_ldap01[dnsname.com][4] ldap_simple_bind : Can't contact
LDAP server(81)
20:20:35 iFolder_ldap01[dnsname.com][5] ldap_simple_bind : Can't contact
LDAP server(81)
20:20:35 iFolder_ldap01[dnsname.com][6] ldap_simple_bind : Can't contact
LDAP server(81)
20:20:35 iFolder_ldap01[dnsname.com][7] ldap_simple_bind : Can't contact
LDAP server(81)
20:20:35 ldap iFolder_ldap01[dnsname.com] connection restored
20:20:35 *MASTER[dnsname.com][-1] ldap_simple_bind : Can't contact LDAP
server(81)
20:20:35 *MASTER[dnsname.com][0] ldap_simple_bind : Can't contact LDAP
server(81)
20:20:35 *MASTER[dnsname.com][1] ldap_simple_bind : Can't contact LDAP
server(81)
20:20:35 *MASTER[dnsname.com][2] ldap_simple_bind : Can't contact LDAP
server(81)
20:20:35 *MASTER[dnsname.com][3] ldap_simple_bind : Can't contact LDAP
server(81)
20:20:35 *MASTER[dnsname.com][4] ldap_simple_bind : Can't contact LDAP
server(81)
20:20:35 *MASTER[dnsname.com][5] ldap_simple_bind : Can't contact LDAP
server(81)
20:20:35 *MASTER[dnsname.com][6] ldap_simple_bind : Can't contact LDAP
server(81)
20:20:35 *MASTER[dnsname.com][7] ldap_simple_bind : Can't contact LDAP
server(81)
20:20:35 ldap *MASTER[dnsname.com] connection restored
20:20:35 iFolder_ldap01[dnsname.com][-1] ldap_simple_bind : Can't contact
LDAP server(81)
20:20:35 ldap iFolder_ldap01[dnsname.com] down
20:20:35 ldap *MASTER[dnsname.com] connection restored


I tried extensively searching the knowledgebase and other users' forum
posts, but I was unsuccessful at restoring connectivity. I performed some
LDAP tests from a few TIDs, and I believe it is up and running. TCPCON
shows the server listening on ports 389 and 636. Any suggestions would be
most appreciated.

Thanks for the help,

Joe

Labels (1)
0 Likes
1 Reply
Highlighted
Anonymous_User Absent Member.
Absent Member.

Re: iFolder 2.1.8 - ldap_simple_bind : Can't contact LDAP server(81)

Joe,
> 20:20:35 *MASTER[dnsname.com][-1] ldap_simple_bind : Can't contact LDAP
> server(81)
>

Check httpd_ifolder_nw.conf that it points to the right LDAP server:
LdapHost x.x.x.x
LdapPort 636

You can also try running over the cleartext port (389) and see if that
helps.

IFolder simple troubleshooting steps:

1. iFolder 2.x needs eDirectory 8.6.2 or better for LDAP. It will not
work with NW 5.1 DS 8.82 for example.
2. Check that the admin name in the iFolder server config file is
correct
3. Use the clear-text LDAP (389) port for troubleshooting
(SSL/TLS tab, turn off "require TLS", see below)
4. Have iFolder log its screen to a file (below)
5. Turn on LDAP tracing on the LDAP Server Object
(Screen options tab, check at least "connection" and "response")
6. LOAD DSTRACE. Turn off everything and turn on LDAP, then try to log
in.
7. Does it work if you bypass the proxy in your browser?

Does the new iFolder help?
http://support.novell.com/servlet/filedownload/uns/pub/ifolder213.exe/
(This is for 6.0. For 6.5, use SP2)

Note on 4:
Change startifolder.ncf to read:
LOAD ADDRESS SPACE = IFOLDER APACHE -s -f
SYS:APACHE\IFOLDER\SERVER\HTTPD.CONF
(all on one line)

Note on 3:
1. LDAP Server Object, SSL/TLS Config Page
Untick "Require TLS for All Operations"
2. LDAP Group Object
Untick "Require TLS for simple binds with password"

Note on 6:
LOAD DSTRACE
DSTRACE -ALL
DSTRACE +LDAP
DSTRACE SCREEN ON
DSTRACE FILE On

The trace file is called DSTRACE.LOG and is in sys:system

For some helpful tips:
http://nscsysop.hypermart.net/ifolder.html
http://www.gordonross.org.uk/iFolder.html

- Anders Gustafsson, Engineer, CNE6, ASE
NSC Volunteer Sysop
Pedago, The Aaland Islands (N60 E20)

Novell does not monitor these forums officially.
Enhancement requests for all Novell products may be made at
http://support.novell.com/enhancement

Using VA 5.51 build 315 on Windows 2000 build 2600

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.