LDAP - Can't 'log in' but can ldapsearch - (Log) transport endpoint not connected
I have this problem: I'm on CentOS 7. I tried to set up LDAP remote credentials access with this:
[192.168.9.105 #] authconfig --enableldap --enableldapauth --ldapserver=ldap://192.168.9.104 --ldapbasedn="dc=myco,dc=local" --enablemkhomedir --update
Launching this query (on the same host I run authconfig on) I get:
[192.168.9.105 #] ldapsearch -x uid=ldaprptest -b dc=myco,dc=local -h 192.168.9.104
I got the result:
# extended LDIF
#
# LDAPv3
# base <dc=myco,dc=local> with scope subtree
# filter: uid=ldaprptest
# requesting: ALL
#
# ldaprptest, People, myco.local
dn: uid=ldaprptest,ou=People,dc=myco,dc=local
objectClass: top
objectClass: account
objectClass: posixAccount
objectClass: shadowAccount
cn: ldaprptest
uid: ldaprptest
uidNumber: 9988
gidNumber: 100
homeDirectory: /home/ldaprptest
loginShell: /bin/bash
gecos: LDAP Replication Test User
userPassword:: e2NyeXB0fXg=
shadowLastChange: 17058
shadowMin: 0
shadowMax: 99999
shadowWarning: 7
# search result
search: 2
result: 0 Success
# numResponses: 2
# numEntries: 1
So I'm sure it can connect.
After trying
su ldaprptest
I ran
[192.168.9.105 #] cat /var/log/messages
and I get:
Mar 11 20:02:57 Centos-client-test-slave nslcd[3313]:
[d062c2] <passwd="ldaprptest"> failed to bind to LDAP server ldap://192.168.9.103:
Can't contact LDAP server: Transport endpoint is not connected
Mar 11 20:02:57 Centos-client-test-slave nslcd[3313]:
[d062c2] <passwd="ldaprptest"> no available LDAP server found:
Can't contact LDAP server: Transport endpoint is not connected
Mar 11 20:02:57 Centos-client-test-slave rsyslogd:
imjournal: rename() failed for new path: '/var/lib/rsyslog/imjournal.state':
Permission denied [v8.24.0-34.el7 try http://www.rsyslog.com/e/0 ]
EDIT: looking at the logs, it seems it tries to connect to 192.168.9.103 even though I set it up to go to 192.168.9.104.
Also: what does "Transport endpoint is not connected" mean?
EDIT2: my /etc/nslcd.conf is this:
uid nslcd
gid ldap
uri ldap://192.168.9.104
base "dc=myco,dc=local"
ssl no
tls_cacertdir /etc/openldap/cacerts
Check the configuration written by authconfig; since the log messages are about nslcd, try cat /etc/nslcd.conf to make sure it has the correct contents.
To make sure that the correct configuration is picked up, run nslcd in debug mode. You'll have to stop both the nslcd and nscd services – I think centos uses systemd, so systemctl stop nslcd and systemctl stop nscd – and run nslcd -d.
Transport endpoint not connected just means that no network connection was established. In this case, the reason appears to be the misconfiguration.
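The comparison this thread turns on (the server listed in nslcd.conf versus the server nslcd reports trying in syslog), as an added example that is not part of the original question or answer. The function names and temporary sample files are assumptions for illustration; the sample lines are constructed from the config and log excerpts in the question, with each log entry on one line.

```shell
#!/bin/sh
# Added example: list LDAP servers that nslcd tried to reach according to
# syslog but that do not appear in the nslcd.conf being inspected.

# URIs from the "uri" option(s) of an nslcd.conf-style file, one per line.
# A single "uri" line may carry several space-separated URIs.
configured_uris() {
    awk 'tolower($1) == "uri" { for (i = 2; i <= NF; i++) print $i }' "$1" | sort -u
}

# URIs that nslcd logged a failed bind for, one per line.
attempted_uris() {
    sed -n 's/.*nslcd\[[0-9]*\]:.*failed to bind to LDAP server \([^ ]*\):.*/\1/p' "$1" | sort -u
}

# Attempted URIs that the config file does not list (empty output = consistent).
mismatched_uris() {
    configured=$(configured_uris "$1")
    attempted_uris "$2" | while IFS= read -r uri; do
        printf '%s\n' "$configured" | grep -qxF -- "$uri" || printf '%s\n' "$uri"
    done
}

# Constructed sample input, modelled on the config and log lines in the question.
SAMPLE_DIR=$(mktemp -d)
trap 'rm -rf "$SAMPLE_DIR"' EXIT
cat > "$SAMPLE_DIR/nslcd.conf" <<'EOF'
uid nslcd
gid ldap
# comment lines are ignored
uri ldap://192.168.9.104
base "dc=myco,dc=local"
ssl no
EOF
cat > "$SAMPLE_DIR/messages" <<'EOF'
Mar 11 20:02:57 Centos-client-test-slave nslcd[3313]: [d062c2] <passwd="ldaprptest"> failed to bind to LDAP server ldap://192.168.9.103: Can't contact LDAP server: Transport endpoint is not connected
Mar 11 20:02:57 Centos-client-test-slave nslcd[3313]: [d062c2] <passwd="ldaprptest"> no available LDAP server found: Can't contact LDAP server: Transport endpoint is not connected
EOF

# On a real host: mismatched_uris /etc/nslcd.conf /var/log/messages
for uri in $(mismatched_uris "$SAMPLE_DIR/nslcd.conf" "$SAMPLE_DIR/messages"); do
    echo "nslcd tried $uri, which this nslcd.conf does not list"
done
```

Any output means the daemon that wrote the log was not using the uri value in the file you inspected, which is the situation nslcd -d lets you confirm directly.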