Debugging OpenLDAP when using SSL/TLS

openldap ubuntu-14.04

I have slapd version: 2.4.31-1+nmu2ubuntu8.3 spun up on Ubuntu 14.04. It's configured for TLS over port 389, as well as SSL on 636.

I've run into a query problem testing a new application and I'm not quite sure how to debug it. I can run tcpdump on the ldap server but unless I drop port 389 to cleartext, it's not much use. I really don't want to do that as any passwords used in the test app are basically compromised from a security standpoint. The only thing I can think of is restarting slapd with -D 255 or something but would really like to get a look at the session data between the client and server.

How can I get a look at the data being transferred between the PHP app and the ldap server without compromising the session integrity? There is very little that turns up in /var/log/ files.

UPDATE:
I added extra logging for my cn=config setup like this:

write the following to logmod.ldif:

dn: cn=config
changetype: modify
replace: olcLogLevel
olcLogLevel: stats

dn: cn=config
changetype: modify
add: olcLogLevel
olcLogLevel: stats2

Then run:

sudo ldapmodify -Q -Y EXTERNAL -H ldapi:/// -f logmod.ldif

Best Answer

You will want to set olcLogLevel to include stats and stats2. This will cause OpenLDAP to log query and response information to syslog facility LOCAL4.

You will also need to ensure that LOCAL4 is sent to somewhere you can read it, e.g. make /etc/rsyslog.d/slapd.conf and have it contain local4.* /var/log/messages.
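Once stats/stats2 lines are reaching syslog, the raw log is still one line per event with several client connections interleaved, so it helps to stitch them back into sessions. The parser below is an added example, not code from the question or the answer: it groups slapd stats lines by conn= and op= so that a BIND or SRCH request, its requested attributes and its RESULT line end up in one record, then lists binds that returned a non-zero err and binds made on connections that never logged a "TLS established" line (which is the cleartext case the question is trying to avoid). The log lines are constructed for the example; the field names (conn=, op=, BIND dn=, SRCH base=/filter=, RESULT err=, nentries=) follow slapd's stats output, and the presence of the "TLS established" line on TLS sessions is assumed from how slapd logs them.

```python
"""Reassemble OpenLDAP 'stats' log lines (syslog LOCAL4) into per-connection,
per-operation records so that the bind, search and result lines of one client
session can be read together. Sample lines are constructed for this example;
the field layout mirrors what slapd prints at olcLogLevel stats/stats2."""
import re
from collections import defaultdict

# Constructed sample log: three client sessions against the same slapd.
#  conn=1000: STARTTLS, successful simple bind, one search, close
#  conn=1001: STARTTLS, bind rejected with err=49 (invalidCredentials)
#  conn=1002: simple bind with no TLS at all (credentials sent in the clear)
SAMPLE_LOG = """\
May  1 10:00:01 ldap01 slapd[1234]: conn=1000 fd=12 ACCEPT from IP=192.0.2.10:51234 (IP=0.0.0.0:389)
May  1 10:00:01 ldap01 slapd[1234]: conn=1000 op=0 STARTTLS
May  1 10:00:01 ldap01 slapd[1234]: conn=1000 op=0 RESULT oid= err=0 text=
May  1 10:00:01 ldap01 slapd[1234]: conn=1000 fd=12 TLS established tls_ssf=256 ssf=256
May  1 10:00:01 ldap01 slapd[1234]: conn=1000 op=1 BIND dn="cn=app,ou=svc,dc=example,dc=com" method=128
May  1 10:00:01 ldap01 slapd[1234]: conn=1000 op=1 RESULT tag=97 err=0 text=
May  1 10:00:02 ldap01 slapd[1234]: conn=1000 op=2 SRCH base="dc=example,dc=com" scope=2 deref=0 filter="(uid=jdoe)"
May  1 10:00:02 ldap01 slapd[1234]: conn=1000 op=2 SRCH attr=cn mail
May  1 10:00:02 ldap01 slapd[1234]: conn=1000 op=2 SEARCH RESULT tag=101 err=0 nentries=1 text=
May  1 10:00:02 ldap01 slapd[1234]: conn=1000 fd=12 closed
May  1 10:00:05 ldap01 slapd[1234]: conn=1001 fd=13 ACCEPT from IP=192.0.2.10:51240 (IP=0.0.0.0:389)
May  1 10:00:05 ldap01 slapd[1234]: conn=1001 op=0 STARTTLS
May  1 10:00:05 ldap01 slapd[1234]: conn=1001 op=0 RESULT oid= err=0 text=
May  1 10:00:05 ldap01 slapd[1234]: conn=1001 fd=13 TLS established tls_ssf=256 ssf=256
May  1 10:00:05 ldap01 slapd[1234]: conn=1001 op=1 BIND dn="cn=app,ou=svc,dc=example,dc=com" method=128
May  1 10:00:05 ldap01 slapd[1234]: conn=1001 op=1 RESULT tag=97 err=49 text=
May  1 10:00:05 ldap01 slapd[1234]: conn=1001 fd=13 closed
May  1 10:00:09 ldap01 slapd[1234]: conn=1002 fd=14 ACCEPT from IP=192.0.2.77:40112 (IP=0.0.0.0:389)
May  1 10:00:09 ldap01 slapd[1234]: conn=1002 op=0 BIND dn="cn=app,ou=svc,dc=example,dc=com" method=128
May  1 10:00:09 ldap01 slapd[1234]: conn=1002 op=0 RESULT tag=97 err=0 text=
May  1 10:00:09 ldap01 slapd[1234]: conn=1002 fd=14 closed
"""

LINE_RE = re.compile(r"slapd\[\d+\]: conn=(?P<conn>\d+) (?P<rest>.*)$")
OP_RE = re.compile(r"^op=(?P<op>\d+) (?P<body>.*)$")
KV_RE = re.compile(r'(\w+)=("[^"]*"|\S*)')  # key=value, value may be quoted


def _fields(body):
    return {k: v.strip('"') for k, v in KV_RE.findall(body)}


def parse_stats_log(text):
    """Return {conn_id: {"events": [...], "ops": {op_id: {...}}}}.

    Connection-level lines (ACCEPT, TLS established, closed) go to "events";
    op lines are merged so request, requested attrs and RESULT share one dict."""
    conns = defaultdict(lambda: {"events": [], "ops": defaultdict(dict)})
    for line in text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue  # not a slapd stats line (other syslog noise)
        conn = conns[int(m.group("conn"))]
        om = OP_RE.match(m.group("rest"))
        if not om:
            conn["events"].append(m.group("rest"))
            continue
        op = conn["ops"][int(om.group("op"))]
        body = om.group("body")
        if body.startswith(("RESULT", "SEARCH RESULT")):
            op["result"] = _fields(body)          # tag=, err=, nentries=, text=
        elif body.startswith("SRCH attr="):
            op["attrs"] = body[len("SRCH attr="):].split()
        else:
            op["request"] = body.split(" ", 1)[0]  # BIND, SRCH, STARTTLS, MOD, ...
            op.update(_fields(body))               # dn=, base=, filter=, ...
    return {cid: {"events": c["events"], "ops": dict(c["ops"])} for cid, c in conns.items()}


def failed_binds(conns):
    """(conn, op, dn, err) for every BIND whose RESULT carried a non-zero err."""
    out = []
    for cid, conn in sorted(conns.items()):
        for oid, op in sorted(conn["ops"].items()):
            err = op.get("result", {}).get("err")
            if op.get("request") == "BIND" and err not in (None, "0"):
                out.append((cid, oid, op.get("dn"), int(err)))
    return out


def binds_without_tls(conns):
    """Connection ids that performed a BIND but never logged 'TLS established'."""
    flagged = []
    for cid, conn in sorted(conns.items()):
        tls = any("TLS established" in e for e in conn["events"])
        bound = any(op.get("request") == "BIND" for op in conn["ops"].values())
        if bound and not tls:
            flagged.append(cid)
    return flagged


def session_transcript(conns, cid):
    """Human-readable request/result pairs for one connection."""
    lines = []
    for oid, op in sorted(conns[cid]["ops"].items()):
        req = op.get("request", "?")
        detail = op.get("dn") or op.get("filter") or ""
        res = op.get("result", {})
        lines.append(f"op={oid} {req} {detail} -> err={res.get('err', '?')}"
                     f" nentries={res.get('nentries', '-')}")
    return lines


if __name__ == "__main__":
    sessions = parse_stats_log(SAMPLE_LOG)
    print("failed binds:", failed_binds(sessions))
    print("binds without TLS:", binds_without_tls(sessions))
    print("\n".join(session_transcript(sessions, 1000)))
```

Point it at the file rsyslog writes LOCAL4 to (the answer's /var/log/messages) instead of SAMPLE_LOG and the same functions show exactly what the PHP app asked for and what slapd answered, without touching the TLS session itself; note that stats logging records filters, DNs and result codes but never the bind password, so nothing sensitive lands in the log.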