I do not see an obvious problem with the above.
Perhaps your ldap.conf will be overridden, but command line options will take precedence, ldapsearch ignores the BINDDN in the main ldap.conf , so the only parameter that may be incorrect is the URI. (The order is ETCDIR/ldap.conf , then ~/ldaprc or ~/.ldaprc , and then ldaprc in the current directory, although there are environment variables that may affect this, see man ldapconf .)
Try the explicit URI:
ldapsearch -x -W -D 'cn=Manager,dc=example,dc=com' -b "" -s base -H ldap:
or prevent default values:
LDAPNOINIT=1 ldapsearch -x -W -D 'cn=Manager,dc=example,dc=com' -b "" -s base
If this does not work, then some troubleshooting methods (for them you will probably need the full path to the slapd binary):
make sure your slapd.conf used and is correct (with root privileges)
slapd -T test -f slapd.conf -d 65535
You can have the configuration directory on the left or the default slapd.d , which your slapd.conf prefers (unless you explicitly specify your config with -f , slapd.conf officially deprecated in OpenLDAP-2.4). If you do not get multiple output pages, your binaries were created without debugging support.
stop OpenLDAP and then manually run slapd in a separate terminal / console with debugging enabled (as root, ^ C to exit)
slapd -h ldap://localhost -d 481
then repeat the search and see if you can identify the problem (unfortunately, there will be a lot of noise at the beginning of the output). (Note: running slapd without the -u / -g options can change the owner of the files, which can cause problems, you should usually use these options, possibly -u ldap -g ldap )
If debug is on, try also
ldapsearch -v -d 63 -W -D 'cn=Manager,dc=example,dc=com' -b "" -s base
mr.spuratic
source share