Daniel Campbell
2004-May-18 17:14 UTC
[Samba] secure SSL connection to openldap server fails
I am having trouble getting Samba version 3.0.4 to connect securely to my openldap backend. I am using straight SSL and not TLS, but it still seems like it is trying to connect using TLS. The samba and the openldap server are on the same machine, and I can connect to the ldap server using an ldap browser via ssl without a problem, so I know the ldap server is running correctly. My config is below. Am I missing something or have something configured wrong? I used to have this working in the past. It works fine if it is not encrypted and I connect to localhost on port 389. The issue is that eventually these two servers will be on different subnets/machines, so I want to have it use SSL for security purposes.

workgroup = MYDOMAIN
netbios name = MYDOMAINPDC
server string = DOMAINPDC
passdb backend = ldapsam:ldaps://127.0.0.1:636
log file = /var/log/samba/log.%m
max log size = 10000
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
load printers = No
add user script = /usr/local/sbin/smbldap-useradd.pl -m '%u'
delete user script = /usr/local/sbin/smbldap-userdel.pl %u
add group script = /usr/local/sbin/smbldap-groupadd.pl -p '%g'
delete group script = /usr/local/sbin/smbldap-groupdel.pl '%g'
add user to group script = /usr/local/sbin/smbldap-groupmod.pl -m '%g' '%u'
delete user from group script /usr/local/sbin/smbldap-groupmod.pl -x '%g' '%u'
set primary group script = /usr/local/sbin/smbldap-usermod.pl -g '%g' '%u'
add machine script = /usr/local/sbin/smbldap-useradd.pl -w '%u'
logon path = \\%L\Profiles\%U
domain logons = Yes
os level = 66
preferred master = Yes
domain master = Yes
wins support = Yes
ldap suffix = o=sample.com
ldap machine suffix = ou=users
ldap user suffix = ou=users
ldap group suffix = ou=groups
ldap admin dn = uid=root,ou=users,o=sample.com