Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Re: How to get LDAP to listen on Secondary IP address

14 views
Skip to first unread message

a...@novell.com

unread,
Jan 21, 2010, 3:29:07 PM1/21/10
to
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Post the output from the following, please:

sudo netstat -anp | grep 'LISTEN ' #the space before the quote is correct

Normally eDirectory's LDAP interface listens on all IP addresses.

Good luck.

ryamry wrote:
> We had one server that has been removed out of the network that serviced
> LDAP requests at one point. I thought we had all the clients switched
> over to the new servers for LDAP Contextless login, but our problem is
> that on our images is still pointing to the old server. So when we
> reimage a computer, they cant login with contextless login.
>
> I put that old servers IP as a secondary addy on one of our servers.
> How can I get it so that LDAP will listen on both addresses?
>
> Thanks!
> -Rob
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJLWLkTAAoJEF+XTK08PnB5SloQAIyBwYdRo3ui5c+9l4mCMRTd
Xdrve9/V5uDXGejVbe3goEYBwO8NenqoSILLThyUAZqK7W6yTzeNuC3lQU0+aiq7
M+uifRbU6FCw/LasprTZUTixBCDL06ftktUH+JSfVCU+zov8LPxlYcoMmkDel+V/
yVhqTyKBOf0rTBC0ju26qGR8BGYCSaia5i96hDAHrFJROieY+LfXo3Di3UPjlF1K
vZ8P7BqMFRFqx1ACQe9Hxs/YFX0uUYEHk7K+xJsyhFT1n8puCy/JC48ppet6Yjyi
924B5Ppx9Ez9b9WBW+xTNIMqyXfbaAkd71tQP+StDW71F4WR/sP6giaoawHpxIC7
ZJVgoA7Wj4dHlbg4Mjx+oe0YD5zEb3sE2IdLjuTuiuhD0ZbJR47IKrSi2+bOt68L
pDz2y1hiLRi+2tdeAgVIWW3wp1Wia8c5ccwcDGPbSnsQyoR83gHwYhkY4sReKT9l
TQ6DUGGYkJKnR666odehHzsLYrtzVEbopLM3/BhuX91SBr7I046VkOcyxQLNs2JM
lDaVaYRAw90sV7MBUWMVlsyKF6fftq5ljdh35jc4EalPviPp3n6mBXo6fzXvD6WZ
30prKcczj5Kvf6HWSmo2GvKsLJ6OrriPbKaosXh+RK5WisaCyHrzOrzyGXghfAXJ
FTEi2hCyWtZZTU7EaKBQ
=dQTS
-----END PGP SIGNATURE-----

a...@novell.com

unread,
Jan 21, 2010, 4:15:35 PM1/21/10
to
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Does this write up your post in the eDirectory forum too then? Yes, as
you can see the LDAP ports are listening on all IP addresses (0.0.0.0) so
anything that can reach your NIC should be able to reach TCP 389 unless
the firewall is in the way.

Good luck.

ryamry wrote:
> I figured I shouldve restarted ndsd first. I did and the output is
> below. Needless, I was going off nmap scans one the same server of the
> secondary IP to see if it was open - which shows that nothing is open.
> But, when I config a client to use the secondary IP for LDAP contextless
> login, all seems fine. Looks like everything is good then. Thanks.
>
> Here is the output:
>
>> :~ # sudo netstat -anp | grep 'LISTEN '
>> tcp 0 0 0.0.0.0:54880 0.0.0.0:*
>> LISTEN 18533/magent
>> tcp 0 0 0.0.0.0:8192 0.0.0.0:*
>> LISTEN 18515/mrouter
>> tcp 0 0 0.0.0.0:8193 0.0.0.0:*
>> LISTEN 18515/mrouter
>> tcp 0 0 10.1.2.27:40193 0.0.0.0:*
>> LISTEN 8447/smdrd
>> tcp 0 0 0.0.0.0:8194 0.0.0.0:*
>> LISTEN 18515/mrouter
>> tcp 0 0 0.0.0.0:5666 0.0.0.0:*
>> LISTEN 6725/xinetd
>> tcp 0 0 0.0.0.0:389 0.0.0.0:*
>> LISTEN 32367/ndsd
>> tcp 0 0 0.0.0.0:5989 0.0.0.0:*
>> LISTEN 5093/owcimomd
>> tcp 0 0 0.0.0.0:8008 0.0.0.0:*
>> LISTEN 5002/httpstkd
>> tcp 0 0 0.0.0.0:8009 0.0.0.0:*
>> LISTEN 5002/httpstkd
>> tcp 0 0 10.1.2.27:427 0.0.0.0:*
>> LISTEN 5064/slpd
>> tcp 0 0 127.0.0.1:427 0.0.0.0:*
>> LISTEN 5064/slpd
>> tcp 0 0 10.1.2.27:524 0.0.0.0:*
>> LISTEN 32367/ndsd
>> tcp 0 0 127.0.0.1:524 0.0.0.0:*
>> LISTEN 32367/ndsd
>> tcp 0 0 127.0.0.1:9005 0.0.0.0:*
>> LISTEN 8614/java
>> tcp 0 0 0.0.0.0:1743 0.0.0.0:*
>> LISTEN 6725/xinetd
>> tcp 0 0 0.0.0.0:111 0.0.0.0:*
>> LISTEN 5023/portmap
>> tcp 0 0 0.0.0.0:80 0.0.0.0:*
>> LISTEN 25957/httpd2-worker
>> tcp 0 0 127.0.0.1:2544 0.0.0.0:*
>> LISTEN 27335/zmd
>> tcp 0 0 0.0.0.0:9009 0.0.0.0:*
>> LISTEN 8614/java
>> tcp 0 0 0.0.0.0:6901 0.0.0.0:*
>> LISTEN 8348/jstcpd
>> tcp 0 0 0.0.0.0:22 0.0.0.0:*
>> LISTEN 6100/sshd
>> tcp 0 0 0.0.0.0:631 0.0.0.0:*
>> LISTEN 5314/cupsd
>> tcp 0 0 127.0.0.1:25 0.0.0.0:*
>> LISTEN 5917/master
>> tcp 0 0 0.0.0.0:443 0.0.0.0:*
>> LISTEN 25957/httpd2-worker
>> tcp 0 0 0.0.0.0:636 0.0.0.0:*
>> LISTEN 32367/ndsd
>> tcp 0 0 10.1.2.27:8028 0.0.0.0:*
>> LISTEN 32367/ndsd
>> tcp 0 0 10.1.2.27:8030 0.0.0.0:*
>> LISTEN 32367/ndsd
>> tcp 0 0 0.0.0.0:56766 0.0.0.0:*
>> LISTEN 18533/magent


>>
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJLWMP3AAoJEF+XTK08PnB5GWEQAMVAErJXWjVgE8AaADqEl9xb
h5emODqdWaUiNQNGWjDa+Q1P164kyllHzjqFUm9Ez+cfLU2UtzL7x5FH6qxH/G+G
28HUDuqNl1w1gc8wu/rsnOKePQ73PfgMby1HBkza0AAmdzFVYrYfggnnZuF0OxKM
ZrxIazVdLb601ZH6+BFbvmHESIQnpYQasPWrewLa3pIoSqdp+NUFnSYZTG7Jxf9P
jXGHF0rlDQz8tvYnbl42+AFaN0PXUR3nLOP0QnG+PZ8jiPzTAwv6ULv6srVuwMIl
VGmRwCrPEC1Reeih6n/n1DGMJBshfOZQuxWwqt9UdHhewS+sDH51LLtMX+hCZjgd
M85v7wmeoytGqMPFOYdMf7IfL9Fvbi1/cfYCv8l/LBEu/KY8I3QSTLZgmEUJdYpK
FXva5PzPDMfATXgZqr/XYRU/yONh/8mN5PJQzXSs60XG7/OOPTpvLDN/HFjE+XnL
hvdb1cj+1j1JYWhh2Fnq5oHqxgz1d2wSXFnEvfUapxWbQL3lyGFro6foKCmGwz53
nnFlaHXBsFr2agEFihVD13XR3WlomKHLKkq+trAxUl0rGsf11NoX7cezfekKJEW/
JaEC9u9Hv49GC3uyk+e+S6VxX166dqPP36mQr6Tnhn1POX1tbzQVSh2ar2FpUWaB
QzzWiNi4cnkya+IgqReg
=SxyY
-----END PGP SIGNATURE-----

a...@novell.com

unread,
Jan 21, 2010, 4:16:25 PM1/21/10
to
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

nevermind the bit about the eDirectory forum.... I probably have my
threads crossed.

Good luck.

iQIcBAEBAgAGBQJLWMQpAAoJEF+XTK08PnB5nf0P/3jw+2KyjD3hAiH7LFXzmuId
zBOTeLDr7Z1SOyROL1rm9JYoCeM3ocy6k+7XLTjvb8j173hsytgj+wMJK14bu4ry
5MDPwQNrakV37tQdCMBeP5RYaQzvPcbXwuyZgblY1frTbnpp09vMHwnwtzSHi7nK
LQn203r1F0x+FhP8CS/q+afdMlDq4LhYtBEi/jyssVPQTF9A9wZEnZS8jmubBKDU
2EYgz4AftJagzHOYGeEcEtMk80+BbBlio6QU7s9iTPJIrY96+sg27KawLRNj/s/K
m//LBuAVUidcIaYP/Sp2Sfa/J3LgseyYp/4R79njnv/6bgXlVgpPjeKhdNlZsAkn
dRaTAuNj65bHgLU/SC6F38y5cUXeef8xP8VdJMmWa/QiCDt1zmT6BnyDIKNF3v5E
sa2AY7hBwCZT0lt/VFk6SUrzMTGBFbmuSVQR6wxgSO/FgqAYSXsMGxt7O4ozjR/m
ti7EuU0LTuDLCojiT/eSUwlTvKqAhZfSeYnNp1lrDwNHJoiAUKpFEsix3cJYyEln
nDRzGagIlYi/5qToO9dA7fv6AIgcOV4faW9/3jb0bYTeOAEW6xrgWt7U4AXo1pa6
hA9uDr22bdtDZFkTzoDmT5gB7e3H2SXB4Zxwv4/SqB+UYOXQW/acFiPaMEadAp8v
mllgMpeaKr4ejV7iwbq8
=NPgG
-----END PGP SIGNATURE-----

Paul Gear

unread,
Jan 24, 2010, 8:33:12 PM1/24/10
to
a...@novell.com wrote:
> Post the output from the following, please:
>
> sudo netstat -anp | grep 'LISTEN ' #the space before the quote is correct

For the record, 'netstat -tupln' would be the preferred way to do that...

Paul

a...@novell.com

unread,
Jan 24, 2010, 11:02:10 PM1/24/10
to
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Still gets too much; I did not want the UDP stuff.

`netstat -tpln` is probably the next best way but doesn't translate easily
to other platforms which is the purpose of the way I do it. You're right
otherwise, of course.

Good luck.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJLXRfCAAoJEF+XTK08PnB5OskP/Ryu9fw+HzLsJcJ4Ai2Bpicl
I5FPsAJbui+rby+BCdqvgu79z+lCoIfmB2KQCHnxI5Kjno3MbPHfGKd7FIMWjz+c
/nTFMAbNabc1bxhwm0UGRzzmFq1JgEd9SzproBoDnJbTZDacM3bXwSlmUvo2O2ov
MXRcC8B8frOSFkDMmxllJjXBzNuCH/7Xu1YwZ8vUHUXctnpDdej10TQnDGQQTCRJ
CPGLLD0Kr5qXmTtZil4BNSjXtCR3z5zDTKd47XRjDS+IzUlxSF5bDPhORthIwFYd
rkT5XsCqF9yc/yzZW3Y2oB914ZxaNVQ5l56QV1SNzoRdUsmPw46g+3UyNMCwbjx5
IY/yUe6z/Y7HGP853KWcVX3Y1xfswtuW6IY3asN4fTARzdEzQSFv6ujS3OycXE7H
HeWusOJ6dJjO4GFBnf7jyNOpC7xXJxVjtoGQlp/ga3PgWUVfWvme6WZdzlzNU3gS
ele3JgOqAEWpT09LsnnLQViufSvdJtfHJDhUz7YPOEcGRECGD8US3WlyUPZxNBdx
+KOwYK5l2QNwOVhe4VgHT3pKVac0MHQR2r7EwGqrO0LspiyPb0Fhme5FHbrRzoNL
vpQi7P16rGtZYNJ3JZ1eMdLBIIQ7buOeDfSF8UAC5UNe2pWZ87XjTf3/uU0y3l1C
xWsJWBMBys0UEa3mZYOu
=kf4+
-----END PGP SIGNATURE-----

0 new messages