Re: how to do a ldapsearch from a telnet session

From: Tim X <timx_at_nospam.dev.null>
Date: Mon, 26 Apr 2010 22:31:18 +1000
Message-ID: <87zl0q5rah.fsf_at_rapttech.com.au>



Shakespeare <whatsin_at_xs4all.nl> writes:
> Op 26-4-2010 11:22, Carlos schreef:
>> On Apr 26, 9:47 am, Shakespeare<what..._at_xs4all.nl>  wrote:

>>> Op 21-4-2010 20:39, kat schreef:
>>>
>>>
>>>
>>>> Hi,
>>>> I'm trying to check the status of our OID (10.1.0.4) server running
>>>> OEL 4 from another OEL server by passing a string (cn=mytestdb) and
>>>> I'm hoping to receive an expected string back but I'm getting
>>>> connection closed by foreign host. Is there a configuration change
>>>> that has to be made to open up the access?
>>>
>>>> $> telnet oidserver 389
>>>> Trying 192.168.2.34...
>>>> Connected to oidserver.
>>>> Escape character is '^]'.
>>>> ldapsearch "cn=mytestdb"
>>>> Connection to oidserver closed by foreign host.
>>>> $>
>>>
>>>> I'm able to successfully run ldapsearch "cn=mytestdb" directly on the
>>>> oidserver.
>>>
>>>> Can someone help?
>>>
>>>> thanks.
>>>
>>> Your OID server is not running telnet on port 389, that is the port for
>>> LDAP. Telnet should normally be running on the normal telnet port.
>>>
>>> But you don't need telnet at all to perform an ldap search on another
>>> server. You can use ldapsearch on the second server with the target host
>>> and target port as parameters, like:
>>> ldapsearch -h<targethost> -p<targetport> -D cn=orcladmin -w<password>
>>> -b<basedn> (cn=mytestdb)
>>>
>>> Shakespeare
>>
>> I respectfully disagree with the term 'normal telnet port' (which I
>> presume Shakespeare assumes 23 ).
>>
>> Telnet establishes connection between any different ports (as per RFC
>> 854), and only if intended as remote terminal access this protocol is
>> assigned server port 23.
>>
>> Cheers.
>>
>> Carlos.
>
>
> I stand corrected, Carlos is right here, as the server responds with
> "connected to oidserver". Still, telnet is not needed here, so you could try
> to perform ldapsearch directly.
>

It is possible the OP was a little confused/misled - thinking that you could interact with LDAP directly by issuing protocol commands in the same way that people sometimes use telnet to connect to port 25 to issue SMTP commands or port 80 and issue HTTP commands. I suspect that if you know the low level LDAP protocol, you possibly could do this, but I'm not familiar enough with the protocol spec to be sure. In any case, you would not be using ldapsearch and it would likely be a somewhat painful way to query the directory. There probably is a basic key sequence you could enter to test and determine if an LDAP server is listening on that port - similar to issuing HELO to SMTP or a GET to HTTP.

Tim

-- 
tcross (at) rapttech dot com dot au
Received on Mon Apr 26 2010 - 07:31:18 CDT
