I have LDAP enabled on my directory server at port 1636. However, clients are unable to authenticate. In the access log, I am repeatedly seeing the following log statements:
[12/Nov/2007:18:10:23 -0700] conn=8966 op=-1 msgId=-1 - fd=32 slot=32 LDAPS connection from 160.205.229.22:40684 to 160.205.229.22
[12/Nov/2007:18:10:25 -0700] conn=8967 op=-1 msgId=-1 - fd=33 slot=33 LDAPS connection from 160.205.229.22:40685 to 160.205.229.22
[12/Nov/2007:18:10:53 -0700] conn=8966 op=0 msgId=-1 - closing from 160.205.229.22:40684 - B4 - Server failed to flush BER data back to client -
[12/Nov/2007:18:10:53 -0700] conn=8966 op=-1 msgId=-1 - closed.
[12/Nov/2007:18:10:55 -0700] conn=8967 op=0 msgId=-1 - closing from 160.205.229.22:40685 - B4 - Server failed to flush BER data back to client -
[12/Nov/2007:18:10:55 -0700] conn=8967 op=-1 msgId=-1 - closed.
[12/Nov/2007:18:11:23 -0700] conn=8968 op=-1 msgId=-1 - fd=32 slot=32 LDAPS connection from 160.205.229.22:40707 to 160.205.229.22
[12/Nov/2007:18:11:25 -0700] conn=8969 op=-1 msgId=-1 - fd=33 slot=33 LDAPS connection from 160.205.229.22:40710 to 160.205.229.22
[12/Nov/2007:18:11:53 -0700] conn=8968 op=0 msgId=-1 - closing from 160.205.229.22:40707 - B4 - Server failed to flush BER data back to client -
[12/Nov/2007:18:11:53 -0700] conn=8968 op=-1 msgId=-1 - closed.
[12/Nov/2007:18:11:55 -0700] conn=8969 op=0 msgId=-1 - closing from 160.205.229.22:40710 - B4 - Server failed to flush BER data back to client -
[12/Nov/2007:18:11:55 -0700] conn=8969 op=-1 msgId=-1 - closed.
[12/Nov/2007:18:12:23 -0700] conn=8970 op=-1 msgId=-1 - fd=32 slot=32 LDAPS connection from 160.205.229.22:40732 to 160.205.229.22
[12/Nov/2007:18:12:25 -0700] conn=8971 op=-1 msgId=-1 - fd=33 slot=33 LDAPS connection from 160.205.229.22:40733 to 160.205.229.22
[12/Nov/2007:18:12:53 -0700] conn=8970 op=0 msgId=-1 - closing from 160.205.229.22:40732 - B4 - Server failed to flush BER data back to client -
[12/Nov/2007:18:12:53 -0700] conn=8970 op=-1 msgId=-1 - closed.
[12/Nov/2007:18:12:55 -0700] conn=8971 op=0 msgId=-1 - closing from 160.205.229.22:40733 - B4 - Server failed to flush BER data back to client -
[12/Nov/2007:18:12:55 -0700] conn=8971 op=-1 msgId=-1 - closed.
[12/Nov/2007:18:13:23 -0700] conn=8972 op=-1 msgId=-1 - fd=32 slot=32 LDAPS connection from 160.205.229.22:40763 to 160.205.229.22
[12/Nov/2007:18:13:25 -0700] conn=8973 op=-1 msgId=-1 - fd=33 slot=33 LDAPS connection from 160.205.229.22:40764 to 160.205.229.22
[12/Nov/2007:18:13:53 -0700] conn=8972 op=0 msgId=-1 - closing from 160.205.229.22:40763 - B4 - Server failed to flush BER data back to client -
[12/Nov/2007:18:13:53 -0700] conn=8972 op=-1 msgId=-1 - closed.
[12/Nov/2007:18:13:55 -0700] conn=8973 op=0 msgId=-1 - closing from 160.205.229.22:40764 - B4 - Server failed to flush BER data back to client -
[12/Nov/2007:18:13:55 -0700] conn=8973 op=-1 msgId=-1 - closed.
It does not appear that SSL is working correctly. I tried the following command from the command line to see if I could get more info, but no go.
ldapsearch -b "dc=lmco,dc=com" -p 1636 -D "uid=cmassey,ou=People,o=lmco.com,dc=lmco,dc=com" "(objectclass=*)"
After many seconds, I get the following response:
ldap_simple_bind: Can't contact LDAP server
I have not set up a separate certificate, as I just want to use the default certificate for now, just to make sure we can get things working. I also ran the following to make sure the defaultCert is there:
dsadm show-cert /vdisk01/local/opt/SUNWdsee/dsins1/ defaultCert
It looks good as far as I can tell.
I should also note that we are using Solaris 10.
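As an added example (not part of the original post), the script below parses access-log records of the two shapes shown above, pairs each "LDAPS connection from" record with its "closing" record, and flags connections that sat open and were then closed by the server with code B4. The sample records are copied from the post; the regexes and the 20-second threshold are assumptions for this illustration.

```python
import re
from collections import defaultdict
from datetime import datetime

# Record shapes observed in the post above; other access-log records are ignored.
OPEN_RE = re.compile(
    r'^\[(?P<ts>[^\]]+)\] conn=(?P<conn>\d+) op=-1 msgId=-1 - fd=\d+ slot=\d+ '
    r'(?P<proto>LDAPS?) connection from (?P<client>[\d.]+):\d+ to ')
CLOSE_RE = re.compile(
    r'^\[(?P<ts>[^\]]+)\] conn=(?P<conn>\d+) op=\d+ msgId=-1 - closing from '
    r'[\d.]+:\d+ - (?P<code>[A-Z]\d) - (?P<reason>.*?) -?\s*$')
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"

# Six records lifted from the post (conn 8966 and 8967), used as sample input.
SAMPLE = [
  "[12/Nov/2007:18:10:23 -0700] conn=8966 op=-1 msgId=-1 - fd=32 slot=32 LDAPS connection from 160.205.229.22:40684 to 160.205.229.22",
  "[12/Nov/2007:18:10:25 -0700] conn=8967 op=-1 msgId=-1 - fd=33 slot=33 LDAPS connection from 160.205.229.22:40685 to 160.205.229.22",
  "[12/Nov/2007:18:10:53 -0700] conn=8966 op=0 msgId=-1 - closing from 160.205.229.22:40684 - B4 - Server failed to flush BER data back to client -",
  "[12/Nov/2007:18:10:53 -0700] conn=8966 op=-1 msgId=-1 - closed.",
  "[12/Nov/2007:18:10:55 -0700] conn=8967 op=0 msgId=-1 - closing from 160.205.229.22:40685 - B4 - Server failed to flush BER data back to client -",
  "[12/Nov/2007:18:10:55 -0700] conn=8967 op=-1 msgId=-1 - closed.",
]

def analyze(lines):
    """Pair each 'connection from' record with its 'closing' record.
    Returns ({conn: facts}, {close_code: count})."""
    opened, conns, codes = {}, {}, defaultdict(int)
    for line in lines:
        m = OPEN_RE.match(line)
        if m:
            opened[m['conn']] = (datetime.strptime(m['ts'], TS_FMT), m['proto'], m['client'])
            continue
        m = CLOSE_RE.match(line)
        if m and m['conn'] in opened:
            t0, proto, client = opened.pop(m['conn'])
            secs = (datetime.strptime(m['ts'], TS_FMT) - t0).total_seconds()
            conns[m['conn']] = {'proto': proto, 'client': client, 'lifetime_s': secs,
                                'code': m['code'], 'reason': m['reason'].strip()}
            codes[m['code']] += 1
    return conns, dict(codes)

def suspected_handshake_failures(conns, min_lifetime_s=20):
    """LDAPS connections that stayed open for a while (assumed threshold) and were
    then closed by the server with code B4 never completed a usable TLS+LDAP
    exchange; a steady stream of them from one client points at a handshake problem."""
    return sorted(c for c, i in conns.items()
                  if i['proto'] == 'LDAPS' and i['code'] == 'B4'
                  and i['lifetime_s'] >= min_lifetime_s)

if __name__ == "__main__":
    conns, codes = analyze(SAMPLE)
    print(codes, suspected_handshake_failures(conns))
```

Run against a full access log, a rising B4 count with roughly constant lifetimes (30 s here) separates a TLS-layer failure from ordinary idle-timeout closes, which would show up under a different close code.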