Thomas Raehalme wrote: > Hi! > > As I wrote earlier we are having some serious problems with IPA right > now. dirsrv seems to hang every 15 minutes or so, but that's another post. > > It seems that slapd/dirsrv is now only listening on port 389 for LDAP > and socket for LDAPI requests. Any idea what could have caused > previously available LDAPS port 636 to disappear? > > Looking at the logs before this whole ordeal started port 636 was also > in use. > > After the latest upgrade I have re-enabled port 389 manually because > it's used by some apps, but disabling it also doesn't bring back port 636. > > Best regards, > Thomas > >
If after an upgrade you had no listeners that means that the upgrade failed and wasn't able to restore the previous state. Look in /etc/dirsrv/slapd-YOURREALM for dse.ldif.ipa.#######. This is the copy saved prior to the upgrade attempt. I'd diff it to dse.ldif to see what has changed. To enable port 636 just set nsslapd-security to on. If you do this via dse.ldif you'll need to stop the service before editing the file. Check /var/log/ipaupgrade.log for information on the upgrade. rob -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project
