I tried with the aqua network, I can reach mysql just fine. I even ran
db dockrules set pilerldap aqua TCPPorts 389,636 status enabled
signal-event firewall-adjust
However, the ldap server still doesn't like me. I think the problem may be elsewhere. I believe that you must connect to 127.0.0.1:389 otherwise you can't authenticate even with a correct password.
ldapsearch -x -h 127.0.0.1 -D "uid=piler,ou=People,dc=directory,dc=nh" -b "ou=People,dc=directory,dc=nh" -w piler123 "(&(objectclass=posixAccount)(uid=piler))" mail
piler, People, directory.nh
dn: uid=piler,ou=People,dc=directory,dc=nh
mail: piler@acts.hu
search result
search: 2
result: 0 Success
numResponses: 2
numEntries: 1
ldapsearch -x -h 172.28.0.1 -D "uid=piler,ou=People,dc=directory,dc=nh" -b "ou=People,dc=directory,dc=nh" -w piler123 "(&(objectclass=posixAccount)(uid=piler))" mail
ldap_bind: Invalid credentials (49)
Notice that the only difference is the ldap host IP address I try to connect to.
account-provider-test dump shows that it's 127.0.0.1 as well:
{
"BindDN" : "cn=ldapservice,dc=directory,dc=nh",
"LdapURI" : "ldap://127.0.0.1",
"DiscoverDcType" : "dns",
"StartTls" : "",
"port" : 389,
"host" : "127.0.0.1",
…
}
So I think the solution is to fix the ldap server to accept login attempts on any IP-address. How can we do that?