ldapsearch does not work from server

  • 7015423
  • 24-Jul-2014
  • 08-Aug-2014


Novell Open Enterprise Server 11 (OES 11) Linux
NetIQ eDirectory


ldapsearch doesn't work
cannot do a secure ldap bind
ldap search works from other servers
cannot contact ldap server
TLS accept failure


One server cannot perform an LDAP search with a secure bind, but the same LDAP search command works from another server.
To resolve:
  1. Edit /etc/ldap.conf so that it shows only default settings
  2. Edit /etc/openldap/ldap.conf and add TLS_REQCERT ALLOW
  3. Save the setting in /etc/openldap/ldap.conf
  4. Restart LDAP on the server with nldap -u (unload) followed by nldap -l (load)


An LDAP trace shows a TLS accept failure error coming from the server itself, but other servers do not have that error. The TLS_REQCERT ALLOW setting tells the OpenLDAP client on the server to continue with the secure connection even if the server certificate cannot be verified.
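
The check below is an added example, not part of the original article or of any Novell/NetIQ tooling: a POSIX shell audit that reports which TLS_REQCERT level an OpenLDAP client file puts in effect, so hosts where this workaround was applied can be identified later. The last-occurrence-wins rule and the sample URI are assumptions.

```shell
#!/bin/sh
# Added example (not Novell/NetIQ code): audit the TLS_REQCERT level in ldap.conf.

# Print the TLS_REQCERT level in effect for one ldap.conf-style file.
# Keywords are matched case-insensitively and the last occurrence is treated as
# the one in effect (assumption); with no entry, OpenLDAP defaults to "demand".
effective_reqcert() {
    awk '
        $1 ~ /^#/ { next }                      # skip comment lines
        toupper($1) == "TLS_REQCERT" && NF >= 2 { level = tolower($2) }
        END { print (level == "" ? "demand" : level) }
    ' "$1"
}

# Map the level to what it means for server certificate checking.
classify_reqcert() {
    case "$(effective_reqcert "$1")" in
        demand|hard) echo enforced ;;    # bad or missing certificate ends the session
        try)         echo partial ;;     # bad certificate ends it, missing one does not
        allow|never) echo unverified ;;  # session proceeds with an unverifiable certificate
        *)           echo unknown ;;
    esac
}

# Report one file as "<path>: TLS_REQCERT=<level> (<class>)".
audit_file() {
    printf '%s: TLS_REQCERT=%s (%s)\n' "$1" "$(effective_reqcert "$1")" "$(classify_reqcert "$1")"
}

# Constructed sample mirroring step 2 of the resolution above.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# constructed sample, not taken from a real server
URI ldaps://ldap.example.test
TLS_REQCERT ALLOW
EOF
audit_file "$sample"
rm -f "$sample"

# Also report the file the resolution edits, when it is readable on this host.
[ ! -r /etc/openldap/ldap.conf ] || audit_file /etc/openldap/ldap.conf
```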