Xymon Mailing List Archive search

LDAP test will not use nonstandard port

list Scot Kreienkamp
Thu, 17 Sep 2015 20:11:10 +0000
Message-Id: <user-9791915d8e70@xymon.invalid>

Hi John,

Scot Kreienkamp  | Senior Systems Engineer | La-Z-Boy Corporate
One La-Z-Boy Drive | Monroe, Michigan 48162 |  Office: XXX-XXX-XXXX |  |  Mobile: XXXXXXXXXX | Email: user-9678697f1438@xymon.invalid
On 9/17/2015 10:57 AM, Scot Kreienkamp wrote:
Hi all,


I’m running an LDAP test against an Oracle LDAP server from xymon using
this configuration:

ldap://oud1.example.com:1389/DC=example,DC=com
"ldaplogin=cn=admin:password"
That test is failing with the error that it cannot contact the server.

I have the following line in my hosts:
0.0.0.0  foo.bar.com   #
ldap://foo.bar.com:399/uid=someone,ou=people,o=bar.com?mail?base
ldap://foo.bar.com:389/uid=someone,ou=people,o=bar.com?mail?base
ldaps://foo.bar.com:636/uid=someone,ou=people,o=bar.com?mail?base
Broken up for easier reading:
0.0.0.0  foo.bar.com   #
ldap://foo.bar.com:399/uid=someone,ou=people,o=bar.com?mail?base
ldap://foo.bar.com:389/uid=someone,ou=people,o=bar.com?mail?base
ldaps://foo.bar.com:636/uid=someone,ou=people,o=bar.com?mail?base

My server is listening on ports 389 and 636. I have added the 399 test
for diagnostics. The result is: 399 fails, 389, and 636 continue to
work. In this instance, I'd say my ldap test is able to test against
non-standard ports.

(Solaris 10 with Xymon 4.3.21)

Does yours behave any differently if:
A) you attempt an anonymous bind?
B) you wrap your entire "ldap...=com" portion in double-quotes?
C) you replace your bind attempt with a simple port check?

The test results say:
ldap://lzbvidmdvoud1.na.lzb.hq:1389/DC=example,DC=com - failed

So it seems to be picking up the entire LDAP URL without it in quotes.  I have two to test; the first is now surrounded by double quotes, the second is not.  Neither are working.  A simple port check works just fine.  I tried the anonymous bind also, which results in failure also.  Anonymous bind from command line works fine.

This message is intended only for the individual or entity to which it is addressed.  It may contain privileged, confidential information which is exempt from disclosure under applicable laws.  If you are not the intended recipient, you are strictly prohibited from disseminating or distributing this information (other than to the intended recipient) or copying this information.  If you have received this communication in error, please notify us immediately by e-mail or by telephone at the above number. Thank you.