Hi. I am trying to get Samba 3.0.4, from tarball, working with Fedora Core
1. The problem is that I can't get LDAP authentication with either ssl or
start_tls support.
I tried compiling ldap on a plain install of fedora. I also tried compiling
it after installing openssl-0.9.7d and openldap 2.2.11 clients and libraries
from tarball. My ldap configuration of samba is as follows:
idmap backend = ldapsam_compat:ldap://ldap.domain.tld
passdb backend = ldapsam_compat:ldap://ldap.domain.tld
ldap admin dn = cn=Directory
Administrator,ou=Maintenance,o=domain
ldap delete dn = no
ldap port = 389
ldap server = ldap.domain.tld
ldap ssl = start_tls
ldap suffix = o=domain
ldap user suffix = ou=People
ldap group suffix = ou=Group
ldap machine suffix = ou=Workstations,ou=People
I installed samba 3.0.4, from tarball, on a redhat linux 8.0 box and tls and
ssl support works just fine.
Is there something that I need to do to get ssl/tls support enabled. What
am I doing wrong?
On the subject of compiling. Is there a way to statically build the samba
package and binary programs? Can someone refer me to a compiling unix
programs for dummies?
Thanks in advance.
I forgot to mention something. The error message I get is
"smbldap_search_suffix: Problem during the LDAP search: error:14090086:SSL
routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed (Connect
error)" with tls support and
"Can't contact LDAP server
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate
verify failed
Connection to LDAP Server failed for the 1 try!
Connection to LDAP Server failed for the 2 try!
Connection to LDAP Server failed for the 3 try!
Connection to LDAP Server failed for the 4 try!
Connection to LDAP Server failed for the 5 try!
Connection to LDAP Server failed for the 6 try!"
with ssl support turned on.
"Robert" <Robertedstrom@yahoo.com> wrote in message
news:c7r4nu$mnc$1@sea.gmane.org...> Hi. I am trying to get Samba 3.0.4, from tarball, working with Fedora
Core> 1. The problem is that I can't get LDAP authentication with either ssl
or
> start_tls support.
>
> I tried compiling ldap on a plain install of fedora. I also tried
compiling> it after installing openssl-0.9.7d and openldap 2.2.11 clients and
libraries> from tarball. My ldap configuration of samba is as follows:
>
> idmap backend = ldapsam_compat:ldap://ldap.domain.tld
> passdb backend = ldapsam_compat:ldap://ldap.domain.tld
> ldap admin dn = cn=Directory
> Administrator,ou=Maintenance,o=domain
> ldap delete dn = no
> ldap port = 389
> ldap server = ldap.domain.tld
> ldap ssl = start_tls
> ldap suffix = o=domain
>
> ldap user suffix = ou=People
> ldap group suffix = ou=Group
> ldap machine suffix = ou=Workstations,ou=People
>
> I installed samba 3.0.4, from tarball, on a redhat linux 8.0 box and tls
and> ssl support works just fine.
>
> Is there something that I need to do to get ssl/tls support enabled. What
> am I doing wrong?
>
> On the subject of compiling. Is there a way to statically build the samba
> package and binary programs? Can someone refer me to a compiling unix
> programs for dummies?
>
> Thanks in advance.
>
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: http://lists.samba.org/mailman/listinfo/samba
>