OID 10g Running On Virtual Host Fails To Respond From Remote Hosts: Can't connect to the LDAP server - Connection refused (Doc ID 1320498.1)

Last updated on MARCH 08, 2017

Applies to:

Oracle Internet Directory - Version 10.1.2 to 10.1.4 [Release 10gR2 to 10gR3]
Information in this document applies to any platform.

Symptoms

Oracle Internet Directory (OID) 10g, i.e., 10.1.4.3, was installed, and the Virtual Host Installer option is known to have been used.

OPMN is registered with the virtual hostname, and opmn.xml shows the virtual hostname correctly.

Startup with opmnctl startall appears to work, and ldapbind/ldapsearch commands run on the local host against the virtual hostname work. They also work with the physical hostname. Additional oidldapd and odisrv instances can also be started with the host=<virtualhostname> option.

However, the same LDAP requests from remote hosts do not work, e.g.:

ldapsearch -h myvirtualhostname.mycompany.com -p 389 -D cn=orcladmin -w <password> -s base -b "" objectclass=*
ldap_search: Can't connect to the LDAP server - Connection refused


The command:

telnet myvirtualhostname.mycompany.com 389

also returns a connection refused type error.

From the remote hosts, LDAP commands work only when the physical hostname is specified.

Local network support was consulted and found that the LDAP requests are reaching the OID server, but the OID server is refusing the connection.

It seems oidldapd is listening on the physical hostname only, as per the following:

netstat -a | egrep '(6000|6001|ldap)' | grep LISTEN
myphysicalhostname.ldap *.* 0 0 49152 0 LISTEN
myphysicalhostname.ldaps *.* 0 0 49152 0 LISTEN
myphysicalhostname.6000 *.* 0 0 49152 0 LISTEN
myphysicalhostname.6001 *.* 0 0 49152 0 LISTEN


Even after a complete stop and clean up as per <Note:329808.1>, the same problem continues. Reconfiguring the /etc/hosts file in different ways does not help either.

In comparison, on another working system that was not installed with the virtual host option, the netstat output shows the server listening on any hostname, e.g.:

netstat -a | egrep '(6000|6001|ldap)' | grep LISTEN
*.ldap *.* 0 0 49152 0 LISTEN
*.ldaps *.* 0 0 49152 0 LISTEN
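
The comparison above can be scripted. The following is an added example, not part of the Oracle note: it classifies the LDAP listeners in netstat output as wildcard or bound to a single address. It assumes the column layout shown on this page (local address first, state last) and that netstat prints names exactly as given; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: classify LDAP/LDAPS listeners in `netstat -a` output laid out
# as on this page (local address in column 1, state in the last column).

# classify_listeners: reads netstat lines on stdin and prints one line per
# LISTEN socket on ldap/ldaps/389/636: "<service> <wildcard|bound> <address>"
classify_listeners() {
    awk '
        $NF == "LISTEN" {
            n = split($1, part, ".")
            svc = part[n]              # last dot-separated field is the port/service
            if (svc != "ldap" && svc != "ldaps" && svc != "389" && svc != "636") next
            addr = substr($1, 1, length($1) - length(svc) - 1)
            scope = (addr == "*") ? "wildcard" : "bound"
            print svc, scope, addr
        }'
}

# check_vhost VHOST: reads netstat lines on stdin; succeeds only if at least one
# LDAP listener exists and each one is a wildcard or is bound to VHOST.
# Assumption: the comparison is a literal string match on the name netstat prints.
check_vhost() {
    vhost=$1
    classify_listeners | awk -v vhost="$vhost" '
        { seen = 1 }
        $2 == "bound" && $3 != vhost {
            printf "%s listens only on %s, not on %s\n", $1, $3, vhost
            bad = 1
        }
        END { if (bad || !seen) exit 1 }'
}

# Sample input copied from the two netstat listings on this page.
FAILING='myphysicalhostname.ldap *.* 0 0 49152 0 LISTEN
myphysicalhostname.ldaps *.* 0 0 49152 0 LISTEN
myphysicalhostname.6000 *.* 0 0 49152 0 LISTEN
myphysicalhostname.6001 *.* 0 0 49152 0 LISTEN'
WORKING='*.ldap *.* 0 0 49152 0 LISTEN
*.ldaps *.* 0 0 49152 0 LISTEN'

printf '%s\n' "$FAILING" | classify_listeners
printf '%s\n' "$WORKING" | check_vhost myvirtualhostname && echo "working system: OK"
```

On a live host, pipe `netstat -a` into `check_vhost` with the virtual hostname as the argument; a non-zero exit status means at least one LDAP listener is bound to some other address.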

Changes

The opmn.xml file was changed.

Cause
