[rudder-users] LDAP issue

Francois Armand francois.armand at normation.com
Mon Mar 3 12:15:07 CET 2014 

On 03/03/2014 11:55, Prestasit01 wrote:
>
> Hi all,
>
>  
>
> [...]
>
>  
>
>  
>
> [2014-03-03 11:49:04] ERROR
> com.normation.ldap.sdk.ROPooledSimpleAuthConnectionProvider - Can't
> get a new LDAP connection
>
> com.unboundid.ldap.sdk.LDAPException: An error occurred while
> attempting to connect to server localhost:389:  java.io.IOException:
> An error occurred while attempting to establish a connection to server
> localhost:389:  java.net.ConnectException: Connection refused
>
>         at
> com.unboundid.ldap.sdk.LDAPConnection.connect(LDAPConnection.java:741)
> ~[unboundid-ldapsdk-2.3.1.jar:2.3.1]
>
> Caused by: java.io.IOException: An error occurred while attempting to
> establish a connection to server localhost:389: 
> java.net.ConnectException: Connection refused
>
>         at
> com.unboundid.ldap.sdk.LDAPConnectionInternals.<init>(LDAPConnectionInternals.java:142)
> ~[unboundid-ldapsdk-2.3.1.jar:2.3.1]
>
>  
>
>


It seems that their is problem between Rudder and the LDAP server used
to store policy configurations. A connection may be refused because:
1/ there is a problem with the server,
2/ there is an authentication problem,
3/ something else.

Let alone 3/ for now.

Let's check 1/ :

  * could you please check that the LDAP server is up & running ?
      o restart it (/etc/init.d/slapd restart),
      o and check the logs


If this is OK, let's check 2/

Could you run that command on the Rudder server (change XXX by the value
of RUDDER_OPENLDAP_BIND_PASSWORD in /opt/rudder/etc/rudder-passwords.conf):

       ldapsearch -h localhost -p 389 -D
"cn=manager,cn=rudder-configuration" -w 'XXX' -b
"cn=rudder-configuration" -s one '(objectclass=*)'

You should see something like (with perhaps one less
numResponses/numEntries):

    .....
    [..several entries: ou=Nodes ; ou=Rudder, etc...]
    ....
    # search result
    search: 2
    result: 0 Success

    # numResponses: 5
    # numEntries: 4


If this is also OK, we will try to look for 3/.

Thanks,

-- 
------------------------------------------------------------------------
*François ARMAND*
/Directeur de la R&D/
Normation <http://www.normation.com>
------------------------------------------------------------------------
*87 rue de Turbigo, 75003 Paris, France*
Telephone: 	+33 (0)1 83 62 99 23
Mobile: 	+33 (0)6 63 37 60 55
------------------------------------------------------------------------

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.rudder-project.org/pipermail/rudder-users/attachments/20140303/2d87b9ff/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: sig-normation-logo-square.png
Type: image/png
Size: 3503 bytes
Desc: not available
URL: <http://www.rudder-project.org/pipermail/rudder-users/attachments/20140303/2d87b9ff/attachment.png>

More information about the rudder-users mailing list