LDAP Ports 389 and 636 not listening

After the BM3.9 upgrade, I realized that my LDAP server is not working.
I can load nldap without any message, but when I look in tcpcon, the
ports are not listening.
I tried recreating the LDAP Server and Group in the E-dir, and I tried recreating
the CertificateSSL. On all other servers it is running without problems.
The server is 6.5 SP6 with BM 3.9, Edir 8.7.3.9.
It has two NICs, one private and one public.
NLDAP NLM version 10555.40
Any suggestions?
Thanks
Sascha

Hi Anders,
Thanks for the answer.
It says three times:
LDAP Server config version 8 does not match executable config version 8
Starting dynamic upgrade
Dynamically upgrading LDAP Server object...
Failed to set value '8.7.3.9' in attribute 'Version' on LDAP Server object
'CN=LDAP Server - JLE3\OU=Resourcen\O=JLE' in UpgradeLDAPServerObject, err =
no access (-672)
Could not complete dynamic upgrade, err = no access (-672)
Could not validate Group in ReadConfigFromDS, err = no access (-672)
Could not update server configuration, err = no access (-672)
Did I mention that I already newly created the E-dir objects with C1? With
iManager, I can't see the snap-ins for LDAP, because there I have RBS
somehow configured and I actually don't even know how to disable this.
Sascha

Similar Messages

  • Steps needed to switch over from port 389 to 636 for LDAP server

    Hi ,
    We need to switch to a new LDAP server with port 636.
    The current server is being EOL'd and port 389 doesn't work on the new server.
    Server: SunONE web server 6.1
    I have installed the CA certificates and also tested that port 636 is open.
    What are the config changes that need to be done? It is a simple ACL-based access control application.
    Thanks
    Naresh

    What are the errors printed by the server when it's trying to connect to the
    DBMS? Have you configured the DBMS for 'mixed-mode' connection? (ie:
    allowing the plain TCP socket listener that the driver will need).
    Joe Weinstein at Oracle

  • E3000 ports 2 and 3 not working

    I have 4 computers hooked up (wired) to the E3000. I noticed that ports 1 and 4 work (have internet and are lit) and ports 2 and 3 do not work at all. I cannot access the router's page along with that. I did a clean install (factory settings/restarted) and tried the same ports; they still do not work. I looked at the router's settings and the ports are not blocked. Is this a defective item?

    First press and hold the reset button on the router for 45 - 60 seconds and then reconfigure the router from scratch. Now the ports should work, and if ports 2 and 3 are still not working even after reconfiguring the router, then it's a hardware fault.

  • TX2000 USB Ports, Digitizer and Webcam not working (several people have same problem)

    OK folks this is an old problem that was posted on the old TX/TM board:
    http://h30434.www3.hp.com/t5/TX-TM-Series-Notebooks-Reply/tx2000-usb-ports-digitizer-webcam-all-not-...
    Several of us have had these ports/hardware fail. 
    ****IT IS NOT A BLACK SCREEN FAILURE******
    In my case, the motherboard has very low hours after replacement, full system reinstall, all drivers up to date.  If you take the time to read all three pages, you will see that many of us have tried everything that anyone suggested.  Most of us still believe that this is a software issue as opposed to a hardware issue.
    Not much hope for a solution, but thought I would try this board since the TX/TM board is now reply only and probably has a very low visit rate.
    Jim

    I also am not able to use the pen and touch features after doing a recovery manager to factory spec, everything else is good but like the others when trying to open Tablet Properties it gives the message a supported  tablet was not found on the system, also after updating the digitizer from hp the version does not change it's still 6.1.6002.18005 when it's supposed to be 5.05-5_HP5 Rev.A.
    I've unblocked the download in properties ran it as administrator,uninstalled the old driver, my USB works my Quick launch buttons work, the screen rotates, the bios is updated. ran HP Update it finds two updates -a HP update software utility and a critical update HP Photosmart and then nothing else when there are many many more at the software and driver page for the TX2000
    Is HP being silent due to the class action lawsuit? Was that a perk that hp got for settling, that they no longer have to address any issue with this Tx2000 series?
    As so many have written before...... NEVER AGAIN HP!

  • TCP Ports 566 and 567 not available

    Hello. I'm running Plan 9 from Bell Labs on QEMU and I have the CPU/Auth server set up. This allows me to use a program called drawterm to tie Mac OS X and Plan 9 together. For example, I can write a program in Plan 9 and give it to OS X to put on a website:
    tar cv program/ | gzip | cpmac -c program.tgz
    (Sorry, I forgot how to format code blocks on the forum.) However, when I upgraded to 10.5, I wasn't able to log in. I found the necessary ports to unblock in QEMU, but it fails to run for ports 566 and 567. This sounds like a network problem with OS X. Does anyone know anything? Thanks.

    To rule out an issue with your application firewall turn it off in the security preferences.
    Also if you have little snitch installed make sure you are allowing outbound connections to those ports.

  • Port 9704 and 9710 not opening on OBIEE

    I am working on OBIEE and the port gets closed from time to time. What can I do, as it won't show as being opened? Can I get help from you on how to open a port?
    nmap ebs
    Starting nmap 3.70 ( http://www.insecure.org/nmap/ ) at 2009-02-27 17:35 WAT
    Interesting ports on ebs.appstech.local (192.168.15.4):
    (The 1655 ports scanned but not shown below are in state: closed)
    PORT STATE SERVICE
    22/tcp open ssh
    111/tcp open rpcbind
    113/tcp open auth
    734/tcp open unknown
    1522/tcp open rna-lm
    Nmap run completed -- 1 IP address (1 host up) scanned in 0.241 seconds
    [root@ebs setup]# ./sawserver.sh
    Type: Information
    Severity: 30
    Time: Fri Feb 27 17:35:23 2009
    File: project/sawserver/sawserver.cpp Line: 386
    Properties: ThreadID-3086034624
    Location:
    saw.sawserver
    Oracle BI Presentation Services 10.1.3.3.3 (Build 080430.1930) are starting up.
    Type: Warning
    Severity: 40
    Time: Fri Feb 27 17:35:24 2009
    File: project/webcomm/socketrpcserver.cpp Line: 323
    Properties: ThreadID-3086034624
    Location:
    saw.rpc.server.initialize
    saw.sawserver
    Port 9710 was reported as currently in use by the system. The configured listener address may be in the TIME_WAIT state or may be in use by some other service.
    Type: Error
    Severity: 20
    Time: Fri Feb 27 17:35:24 2009
    File: project/sawserver/main.cpp Line: 338
    Properties: ThreadID-3086034624
    Location:
    saw.sawserver
    Port 9710 is in use on the local system. [Socket:12]
    Starting OC4J from /d02/app/oracle/product/10.2.0/OBIEE/oc4j_bi/j2ee/home ...
    [root@ebs bin]# 2009-02-27 17:36:34.161 ERROR ServerFile[PersistentMap,/d02/app/oracle/product/10.2.0/OBIEE/oc4j_bi/j2ee/home/persistence/jms.state]: persistence file could not be locked. Resolve the sharing violation by ending the process currently holding the file lock or by using a different persistence directory for one or both processes.
    09/02/27 17:36:34 *** (SEVERE) ServerFile[PersistentMap,/d02/app/oracle/product/10.2.0/OBIEE/oc4j_bi/j2ee/home/persistence/jms.state]: persistence file could not be locked. Resolve the sharing violation by ending the process currently holding the file lock or by using a different persistence directory for one or both processes.
    2009-02-27 17:36:34.169 ERROR Failed to set the internal configuration of the OC4J JMS Server with: XMLJMSServerConfig[file:/d02/app/oracle/product/10.2.0/OBIEE/oc4j_bi/j2ee/home/config/jms.xml]
    09/02/27 17:36:34 *** (SEVERE) Failed to set the internal configuration of the OC4J JMS Server with: XMLJMSServerConfig[file:/d02/app/oracle/product/10.2.0/OBIEE/oc4j_bi/j2ee/home/config/jms.xml]
    2009-02-27 17:36:34.171 ERROR J2EE OJR-00011 Exception starting JMS server: Failed to set the internal configuration of the OC4J JMS Server with: XMLJMSServerConfig[file:/d02/app/oracle/product/10.2.0/OBIEE/oc4j_bi/j2ee/home/config/jms.xml]
    2009-02-27 17:36:34.235 ERROR J2EE RMI-00002 Error starting ORMI server ebs.appstech.local port 23,791: Address already in use
    2009-02-27 17:36:34.238 ERROR java.net.BindException: Address already in use
    at java.net.PlainSocketImpl.socketBind(Native Method)
    at java.net.PlainSocketImpl.bind(PlainSocketImpl.java:359)
    at java.net.ServerSocket.bind(ServerSocket.java:319)
    at java.net.ServerSocket.<init>(ServerSocket.java:185)
    at com.evermind.server.rmi.RMIServer.createServerSocket(RMIServer.java:433)
    at com.evermind.server.rmi.RMIServer.createNonSecureSocket(RMIServer.java:347)
    at com.evermind.server.rmi.RMIServer.setConfig(RMIServer.java:210)
    at com.evermind.server.ApplicationServer.initializeRMI(ApplicationServer.java:2378)
    at com.evermind.server.ApplicationServer.setConfig(ApplicationServer.java:966)
    at com.evermind.server.ApplicationServerLauncher.run(ApplicationServerLauncher.java:131)
    at java.lang.Thread.run(Thread.java:595)
    09/02/27 17:36:34 Error starting ORMI server ebs.appstech.local port 23,791: Address already in use
    09/02/27 17:36:34 Shutting down OC4J...

    The DB is working fine, so, how could I go about it? Thanks. It was working fine in the morning
    tnsping test
    TNS Ping Utility for Linux: Version 10.2.0.1.0 - Production on 27-FEB-2009 18:54:54
    Copyright (c) 1997, 2005, Oracle. All rights reserved.
    Used parameter files:
    /d02/app/oracle/product/10.2.0/db_1/network/admin/sqlnet.ora
    Used TNSNAMES adapter to resolve the alias
    Attempting to contact (DESCRIPTION = (ADDRESS_LIST = (ADDRESS = (PROTOCOL = TCP)(HOST = 192.168.15.4)(PORT = 1521))) (CONNECT_DATA = (SERVER = DEDICATED) (SERVICE_NAME = test.appstech.local)))
    OK (10 msec)
    [oracle@ebs ~]$ lsnrctl services test
    LSNRCTL for Linux: Version 10.2.0.1.0 - Production on 27-FEB-2009 18:56:00
    Copyright (c) 1991, 2005, Oracle. All rights reserved.
    Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=192.168.15.4)(PORT=1521))(CONNECT_DATA=(SERVER=DEDICATED)(SERVICE_NAME=test.appstech.local)))
    Services Summary...
    Service "test.appstech.local" has 2 instance(s).
    Instance "test", status UNKNOWN, has 1 handler(s) for this service...
    Handler(s):
    "DEDICATED" established:0 refused:0
    LOCAL SERVER
    Instance "test", status READY, has 1 handler(s) for this service...
    Handler(s):
    "DEDICATED" established:0 refused:0 state:ready
    LOCAL SERVER
    Service "testXDB.appstech.local" has 1 instance(s).
    Instance "test", status READY, has 1 handler(s) for this service...
    Handler(s):
    "D000" established:0 refused:0 current:0 max:1022 state:ready
    DISPATCHER <machine: ebs.appstech.local, pid: 11844>
    (ADDRESS=(PROTOCOL=tcp)(HOST=ebs.appstech.local)(PORT=56762))
    Service "test_XPT.appstech.local" has 1 instance(s).
    Instance "test", status READY, has 1 handler(s) for this service...
    Handler(s):
    "DEDICATED" established:0 refused:0 state:ready
    LOCAL SERVER
    The command completed successfully
    Starting nmap 3.70 ( http://www.insecure.org/nmap/ ) at 2009-02-27 18:56 WAT
    Interesting ports on ebs.appstech.local (192.168.15.4):
    (The 1655 ports scanned but not shown below are in state: closed)
    PORT STATE SERVICE
    22/tcp open ssh
    111/tcp open rpcbind
    113/tcp open auth
    734/tcp open unknown
    1521/tcp open oracle

  • Child DC cannot Replicate to Parent DC, because of connection errors. MS PortQryUI shows that ports 3268 and 3269 are not listening,

    I started a support case with Microsoft to help me with raising our domain Forest level because I received a message stating that there were Windows 2000 PDCs still listed in the database. These PDCs were removed years ago. The tech saw all of the problems
    I was having with domain replication, so that is where he started. Running the MS PortQryUI shows that ports 3268 and 3269 are not listening (TCP port 3268 (unknown service): NOT LISTENING) when run FROM a Child domain controller against the Parent
    Domain controller. Between the 2 Child domain controllers these ports are listening.
    The Windows firewall is not running on any of the controllers. I removed a virus protection client from all of the servers, although I didn't enable the firewall there either, but these ports are still not listening on the Parent DC.
    I need help debugging this. I am not very familiar with network sniffers, so if I need to run one I'll need some guidance. This DC only has one NIC, all IP addresses are static, and all servers are set up like this. All servers are in the same subnet, on the same
    LAN, on the same Cisco switch; there shouldn't be anything blocking this port from starting.
    I looked over other posts that show this same problem, but they don't give a solution. If I am not using the Windows firewall, why wouldn't these ports be open?
    Any ideas? Web searches are all over the map on trying to find the reason for this.
    Bobby

    Try running the below command on the DCs that you think have the ports blocked or all the DCs.
    netdiag /test:ipsec /debug > c:\dcname-ipseclog.log
    Open that from the C drive and see if there is anything saying block or filters. 
    Also, just for kicks have you disabled the firewall service on the DCs? 
    And just for kicks have you tried enabling firewalls ports on all the DCs?  The KB is below
    http://support.microsoft.com/kb/555381/en-us
    Step 1 - netdiag results
    Step 2 - disable the firewall service on all DCs if step 1 was negative
    Step 3 - enable the firewalls on all DCs per KB 555381 if step 2 doesn't work
    Let us know how it goes!

  • Using secure port only and disabling port 389

    Hello everyone,
    I'd like to know if it is possible to run LDAPS port 636 and stop LDAP port 389. Will this have bad results with other applications like messaging server, administration server,.... and if this is feasible without any drawback, how can we do that?
    Thank you very much for your help

    Scott,
    AccessHW.zip should work for WinXP according to what I have read..(though it may vary with SP1 or 2 or updated drivers etc.) If it does work for you...that would be the easiest way to communicate via your port in XP.
    -Brett

  • WLC Virtual interface listening on ports 25 and 110

    I'm securing my guest WLAN and have WLC ACL's in place and the network is segmented from everything else but I decided to run a port scan against the virtual WLC interface (1.1.1.1 for me) and ports 25 and 110 are listening. I connected to 25 and it connects but you can't do any SMTP commands.
    Anyone know why these would be open and any concern?

    It is always recommended to have the ACLs configured on the wired side of the network rather than the wireless side of the network. Can you provide the ACL configuration so that we can understand the configuration and find the modification to be done in the same to rectify the issue?

  • Configuring customized ldap ports on cisco load balancer

    Hi,
    I have configured LDAP on different ports than 389 and 636. How do I configure these ports to be allowed on the Cisco load balancer? I'm a newbie to the Cisco load balancer. Is there any specific configuration to be followed to set the customized port on the load balancer?
    Any help is appreciated.
    Thanks in advance

    Hi,
    By default, ACE denies all traffic coming to an interface and you need to define ACL's to allow traffic. You can define an extended ACL to allow the traffic from IP's, TCP/UDP ports etc. Please visit the below for details about ACL configuration on ACE.
    http://www.cisco.com/c/en/us/td/docs/app_ntwk_services/data_center_app_services/ace_appliances/vA3_1_0/configuration/security/guide/securgd/acl.html#wp1018359
    Also, pasting another link for basic TS related to ACE.
    http://docwiki.cisco.com/wiki/Cisco_Application_Control_Engine_(ACE)_Troubleshooting_Guide_--_Troubleshooting_Access_Control_Lists
    Regards,
    Kanwal

  • Disabling LDAP / OD / Changing LDAP port

    I thought this was simple and would be no problem but I seem to be struggling.
    I have a 3rd-party LDAP service running on a Mac mini server with 10.6.2 and I want to run it on port 389. The service won't start as another app (OS X) is using it.
    So I thought, no problem, I'll find the LDAP and change the port. So I opened Directory Services and changed it there with no results. Maybe OD is using it, so I changed that to SSL using Server Admin. That actually worked, because then the Secure LDAP on my third-party application shut down, but normal LDAP was still blocked.
    So can I somehow shut down or change the LDAP port 389 on OS X?
    Thanks

    Many Open Directory problems can be resolved by taking the following steps. Test after each one, and back up all data before making any changes.
    1. The OD master must have a static IP address on the local network, not a dynamic address.
    2. You must have a working DNS service, and the master's hostname must match its fully-qualified domain name. To confirm, select the server by name in the sidebar of the Server application window, then select the Overview tab. Click the Edit button on the Host Name line. On the Accessing your Server sheet, Domain Name should be selected. On the Accessing your Server sheet, change the Host Name, if necessary. The server must have at least a three-level name (e.g. "server.yourdomain.com"), and the name must not be in the ".local" top-level domain, which is reserved for Bonjour.
    3. The primary DNS server used by the master must be 127.0.0.1 (that is, itself) unless you're using another server for internal DNS. The only DNS server set on the clients should be the internal one, which they should get from DHCP if applicable.
    4. Follow these instructions to rebuild the Kerberos configuration on the master.
    5. If you use authenticated binding, check the validity of the master's certificate. The common name must match the hostname and domain name. Deselecting and then reselecting the certificate in Server.app has been reported to have an effect in some cases.
    6. Unbind and then rebind the clients in the Users & Groups preference pane. Use the fully-qualified domain name of the master.
    7. Reboot the master and the clients.
    8. Don't log in to the server with a network user's account.
    9. Export all OD users, delete them, turn off OD, turn it back on, and import. Ensure that the UID's are in the 1001+ range.

  • When Change LDAP Port , Have to Rebuild?

    I need to change the LDAP port (389 -> 1389)
    - Admin port : 390 -> 1390
    - 3 Master Replication
    - Sun Java System Directory Server Enterprise Edition 5.2 SP6
    Sure, I need to remove the existing Replication Agreements and create Replication Agreements.
    Then, do I have to rebuild all LDAP databases? (3 Master)
    Thanks
    Edited by: 861866 on May 27, 2011 1:33 AM

    DISCLAIMER: this procedure is neither somewhere documented, nor officially supported, that's why you must consider all I'll write afterwards just as pure speculation.
    SUPPOSE that you can afford to cleanly shut down all the servers in the topology at the same time, after backing up each of the dse.ldif configuration files, you could change the port references in the dse.ldif files for:
    1. nsslapd-port
    2. nsslapd-referral(s)
    3. for each replication agreement:
    3.1 DN
    3.2 CN
    3.3 nsDS5ReplicaPort
    3.4 nsds50ruv(s)
    If you intend to change also the admin/config DS instance, before restarting the admin server/console, remember to update the attribute nsslapd-pluginarg0 under dn: cn=Pass Through Authentication,cn=plugins,cn=config in the dse.ldif files of the instances and also refer to the docs:
    http://download.oracle.com/docs/cd/E19850-01/816-6704-10/admin_config.html
    before restarting the instances.
    HTH,
    marco

  • Security Scan found Weak and Medium strength ciphers port 389&636

    After a recent security scan on one of our Apple Servers running 10.9.5 (Mavericks) it has reported weak and medium strength ciphers on port 389&636 and also that SSLv2 and SSLv3 is enabled. The Server is running Profile Manager and therefore also Open Directory although we are not really using Open Directory for authentication as we have AD within the organisation.
    My question is how can I modify Open Directory to only use HIGH ciphers and not MEDIUM or LOW? I have found the httpd-ssl.conf file but that is only listening on port 443. I have also found the slapd.conf but can't see where I would make the change.
    Any help would be greatly appreciated.
    Thanks

    So would you believe it, I've managed to get it working. I wanted to see if Yosemite suffered from the same 'issues' that Mavericks does with SSLv2 & SSLv3 support, and also the weak ciphers being used. Well, they scanned that server and found exactly the same 'issues' as before. So I started working on it this morning, editing slapd.conf, slapd.conf.default, slapd_macosxserver.conf and apache-ssl.conf. It might sound overkill but I thought what the ****. I added the following lines to all conf files:
    SSLProtocol ALL -SSLv2
    SSLCipherSuite HIGH:!SSLv2:!ADH:!aNULL:!eNULL:!NULL
    TLSCipherSuite HIGH:MEDIUM:+TLSv1:!SSLv2:+SSLv3
    and it worked. Passed the scan with flying colours, however I might need to mod SSLv3 to keep them happy.
    I need to replicate this on a Mavericks Server so hope the gist is the same.
    Thanks for the advice, Linc.

  • LDAP-Connector with LDAPS (Port 636)

    Hello everybody,
    I have read some answers, but not the right one in my opinion.
    I want to connect with the LDAP-Connector (T-Code: LDAP) to an LDAP server (OpenDS) over LDAPS (port 636).
    But I have read some Notes (456666 and 517755) which describe that it's not possible to connect to an LDAP server over LDAPS when the host system is Linux-based. Is that true?
    And one solution is to take the ldap_rfc.exe on a Windows-based system and use this. Is this also right? And if it is right, how can I do this?
    The connection to the OpenDS LDAP server over port 389 (LDAP) works fine, as does synchronisation of attributes.
    Eventually there are other solutions for my very big problem.
    Sorry for my bad English.
    Regards, Rene

    Hello René,
    SAP note 456666 is correct. Maintaining the LDAP (LDAPS) connection to the directory service is the task of the LDAP client library, which is not provided by SAP, but by the OS vendor of the system where the LDAP connector is located.
    Only the OS vendor can help on the task of configuring LDAPS with their implementation of the LDAP client library.
    If you intend to use Windows then yes, it should work: see the "Solution" section of note 456666.
    You can also refer:
    I hope this helps.
    All the best,
    Cristiano

  • CFLDAP and port 389

    Hi all,
    Recently we got a new server with ColdFusion 8 installed on it. I have been trying to execute many scripts on it and I am stuck with an error:
    "Connection to LDAP server failed".
    Here is the statement which is failing:
    <cfldap
                 server = "ldap.abc.com"
                 action = "query"
                 PORT="389"
                 name = "results"
                 start = "o=slb,c=an"
                filter = "alias=ifaz"
                 attributes = "cn"
                 sort = "cn ASC" SCOPE="SUBTREE" >
    <cfoutput query = "results">#cn#</cfoutput>
    But the same statement works perfectly on my other server, which runs ColdFusion 7.
    I tried reading so many articles on CFLDAP and they all mentioned using port 636 with CFSSL_BASIC.
    Please help me by telling me why the above statement is not working even though port 389 is a non-secured port, and why it's working in ColdFusion 7.
    Rgd,
    Ifaz

    How is changing your client's connection details a directory server problem? TLS is meant to be used on the clear text (not SSL) port. So your client is doing the right thing.
    Edited by: etst123 on Jul 31, 2008 11:38 PM
