LDAP侦听localhost但主机名或IP

时间:2015-12-30 22:34:30

标签: linux sockets connection listener openldap

我在运行Raspian的raspberryPI上安装了LDAP,我认为这是一个Debian分支。

我有一个数据库和条目,如果我使用-h localhost或-h 127.0.0.1,可以从服务器成功进行LDAP搜索。但是,如果我使用主机名或IP,我会收到一条错误消息:

root@rpi1:~# ldapsearch -d 1 -x -h 10.10.0.11 -b "ou=Groups,dc=pi,dc=home"
ldap_create
ldap_url_parse_ext(ldap://10.10.0.11)
ldap_sasl_bind
ldap_send_initial_request
ldap_new_connection 1 1 0
ldap_int_open_connection
ldap_connect_to_host: TCP 10.10.0.11:389
ldap_new_socket: 4
ldap_prepare_socket: 4
ldap_connect_to_host: Trying 10.10.0.11:389
ldap_pvt_connect: fd: 4 tm: -1 async: 0
attempting to connect:
connect errno: 111
ldap_close_socket: 4
ldap_err2string
ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)

对我来说奇怪的是服务正在监听端口:

    root@rpi1:~# nmap 10.10.0.11

Starting Nmap 6.47 ( http://nmap.org ) at 2015-12-30 22:16 UTC
Nmap scan report for rpi1.pi.home (10.10.0.11)
Host is up (0.00017s latency).
Not shown: 997 closed ports
PORT    STATE SERVICE
22/tcp  open  ssh
80/tcp  open  http
636/tcp open  ldapssl

Nmap done: 1 IP address (1 host up) scanned in 26.78 seconds
root@rpi1:~#
root@rpi1:~#
root@rpi1:~#
root@rpi1:~#
root@rpi1:~# nmap localhost

Starting Nmap 6.47 ( http://nmap.org ) at 2015-12-30 22:17 UTC
Nmap scan report for localhost (127.0.0.1)
Host is up (0.00018s latency).
Other addresses for localhost (not scanned): 127.0.0.1
Not shown: 996 closed ports
PORT    STATE SERVICE
22/tcp  open  ssh
80/tcp  open  http
389/tcp open  ldap
636/tcp open  ldapssl

Nmap done: 1 IP address (1 host up) scanned in 26.82 seconds

您可以看到扫描localhost显示该服务正在侦听389,但是如果我使用服务器的IP或主机名则不会。

所以我无法在另一台服务器上连接客户端,因为它似乎只是在监听localhost .....这超出了我的有限理解,我担心。

据我所知,我正在解析名称ok:

root@rpi1:~# host rpi1
rpi1 has address 10.10.0.11

root@rpi1:~# host rpi1.pi.home
rpi1.pi.home has address 10.10.0.11

root@rpi1:~# host ldap.pi.home
ldap.pi.home has address 10.10.0.11

证明数据库正在运行:

root@rpi1:~# ldapsearch -x -h 127.0.0.1 -b "cn=Bradley Atkins,cn=musedev,ou=Groups,dc=pi,dc=home"
# extended LDIF
#
# LDAPv3
# base <cn=Bradley Atkins,cn=musedev,ou=Groups,dc=pi,dc=home> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#

# Bradley Atkins, musedev, Groups, pi.home
dn: cn=Bradley Atkins,cn=musedev,ou=Groups,dc=pi,dc=home
cn: Bradley Atkins
givenName: Bradley
gidNumber: 501
homeDirectory: /home/users/batkins
sn: Atkins
loginShell: /bin/sh
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: top
uidNumber: 1001
uid: batkins

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1

有人可以建议前进的方向吗?

感谢

1 个答案:

答案 0 :(得分:1)

nmap输出显示清楚时,它正在侦听127.0.0.1,而不是0.0.0.0。

相关问题
最新问题