Environment
Situation
ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1)
ldap_bind: Can't contact LDAP server (-1)
Connect to an LDAP server securely with SSL from the command line.
Resolution
The syntax for an anonymous bind, assuming a valid DER file has been exported to /tmp/testCert.der, is:
ldapsearch -h 192.168.0.1 -p 636 -e /tmp/testCert.der
An authenticated bind would be as follows:
ldapsearch -h 192.168.0.1 -p 636 -e /tmp/testCert.der -D cn=admin,o=novell -W
In either command, substitute your own server's IP address and, if changed from 636, the port number. For the second command, enter your administrative user's full context (minus the Tree name) in LDAP (comma-separated) format.
The NLDAP-base package is installed by default to /usr/ldaptools, and the ldapsearch command's path on OES Linux is /usr/ldaptools/bin/ldapsearch. If your $PATH variable lists /usr/bin before /usr/ldaptools/bin, you may need to specify the full path of the ldapsearch command in the commands above for them to work correctly.
To see which ldapsearch runs when no full path is entered, type `which ldapsearch` (minus the backticks). To have the /usr/ldaptools/bin version found first, change your PATH environment variable so that /usr/ldaptools/bin is searched first. Documentation on how to do that is available online.
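The PATH check and reordering described above, as an added example that is not part of the original article. The function names first_in_path and prefer_dir are hypothetical helpers; only /usr/ldaptools/bin and the ldapsearch command name come from the article.

```shell
#!/bin/sh
# Added example: report which ldapsearch a PATH string resolves to, and build
# a PATH that searches the NLDAP tools directory first.

NLDAP_BIN=/usr/ldaptools/bin   # install location given in the article

# first_in_path NAME PATHSTRING: print the first executable NAME found,
# walking PATHSTRING left to right the way the shell does. Returns 1 if none.
first_in_path() {
    name=$1
    old_ifs=$IFS
    IFS=:
    set -f                      # no glob expansion of PATH entries
    for dir in $2; do
        [ -n "$dir" ] || dir=.  # an empty entry means the current directory
        if [ -f "$dir/$name" ] && [ -x "$dir/$name" ]; then
            IFS=$old_ifs; set +f
            printf '%s\n' "$dir/$name"
            return 0
        fi
    done
    IFS=$old_ifs; set +f
    return 1
}

# prefer_dir DIR PATHSTRING: print PATHSTRING with DIR moved to the front.
# Later duplicates of DIR are dropped, as are empty entries (current directory).
prefer_dir() {
    want=$1
    out=$want
    old_ifs=$IFS
    IFS=:
    set -f
    for dir in $2; do
        [ -n "$dir" ] || continue
        [ "$dir" = "$want" ] && continue
        out="$out:$dir"
    done
    IFS=$old_ifs; set +f
    printf '%s\n' "$out"
}

printf 'ldapsearch currently resolves to: %s\n' \
    "$(first_in_path ldapsearch "$PATH" || echo 'not found')"
printf 'PATH with NLDAP tools first:      %s\n' "$(prefer_dir "$NLDAP_BIN" "$PATH")"
```

To apply the result in the current session, run PATH=$(prefer_dir "$NLDAP_BIN" "$PATH"); export PATH and then confirm with `which ldapsearch`.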
Additional Information
Formerly known as TID# NOVL102930