Samba 3.3 ldap tools
in [Samba]
|
Prev: [Samba] Samba 3.3 ldap tools
Next: [Samba] Listing Domain Local Groups from a Samba Member (NT4 PDC)
From: Juan Asensio Sánchez on 30 Jun 2010 02:40 These connections that give error are stablished with the ldap system libs, not with smbldap-tools (that use perl), so you have to configure your system to use your certificates (etc/{ldap,openldap}/ldap.conf). regards. 2010/6/30 Indexer <indexer(a)internode.on.net> > I am currently trying to setup my Samba server to act as a samba PDC, with > ldap as a backend. I have a selfsigned CA, that has signed the certificates > to my ldap server. > > Starting my smbd, i keep getting the message > > smb_ldap_setup_connection: ldap://ldap.streetgeek.lan/ > Failed to issue the StartTLS instruction: Connect error > Connection to LDAP server failed for the 1 try! > smbldap_open: already connected to the LDAP server > Failed search for base: dc=dev,dc=gamersalliance,dc=net,dc=au, error: -1 > (Can't contact LDAP server) (error:14090086:SSL > routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed (self signed > certificate in certificate chain)) > > I have set in smbldap-tools.conf to verify="allow", as well as in ldap.conf > to TLS_REQCERT = allow, so i dont understand why this is happening. All of > my systems are pointed to the same cacert file so i doubt that it is > confusing certificates. Are there any other options i should be considering? > > Thanks > > William > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba |