slapd 运行良好并监听端口 389,但仍然无法连接

slapd 运行良好并监听端口 389,但仍然无法连接

这是我的带有调试功能的 ldapsearch 命令(我屏蔽了我的真实 IP 地址):

$ sudo /usr/local/bin/ldapsearch -H ldap://99.99.99.99 -b dc=my-domain,dc=com -x -d -1
ldap_url_parse_ext(ldap://99.99.99.99)
ldap_create
ldap_url_parse_ext(ldap://99.99.99.99:389/??base)
ldap_sasl_bind
ldap_send_initial_request
ldap_new_connection 1 1 0
ldap_int_open_connection
ldap_connect_to_host: TCP 99.99.99.99:389
ldap_new_socket: 3
ldap_prepare_socket: 3
ldap_connect_to_host: Trying 99.99.99.99:389
ldap_pvt_connect: fd: 3 tm: -1 async: 0
attempting to connect:
connect errno: 110
ldap_close_socket: 3
ldap_err2string
ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)

但是,运行起来sudo /usr/local/bin/ldapsearch -H ldap://localhost -b dc=my-domain,dc=com -x一切正常。我也这样做了netstat -plane | grep ":389",并得到了以下打印输出:

tcp        0      0 0.0.0.0:389             0.0.0.0:*               LISTEN      0          521074687  20249/slapd
tcp6       0      0 :::389                  :::*                    LISTEN      0          521074688  20249/slapd

这是我的iptables -L -v输出:

Chain INPUT (policy ACCEPT 10M packets, 938M bytes)
 pkts bytes target     prot opt in     out     source               destination      
 1349  294K ACCEPT     tcp  --  any    any     anywhere             anywhere                  tcp dpt:https

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination      

Chain OUTPUT (policy ACCEPT 10M packets, 982M bytes)
 pkts bytes target     prot opt in     out     source               destination

答案1

事实证明,在机器本身上无法测试这样的外部连接(某种环回问题)。从另一台机器测试连接工作正常。

相关内容