samba - Jul 2009 - Samba configuration error

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Does anyone know what this error means:

[root@ldap2 samba]# net getlocalsid
[2009/07/07 17:04:00, 0] lib/smbldap.c:smb_ldap_start_tls(600)
Failed to issue the StartTLS instruction: Protocol error
[2009/07/07 17:04:01, 0] lib/smbldap.c:smb_ldap_start_tls(600)
Failed to issue the StartTLS instruction: Protocol error
[2009/07/07 17:04:02, 0] lib/smbldap.c:smb_ldap_start_tls(600)
Failed to issue the StartTLS instruction: Protocol error
[2009/07/07 17:04:03, 0] lib/smbldap_util.c:smbldap_search_domain_info(310)
smbldap_search_domain_info: Adding domain info for FDSAMBA failed with
NT_STATUS_UNSUCCESSFUL
SID for domain LDAP2 is: xyz.....

I am trying to install samba on fedora 11 and got this error.  I didnt
get this error when I installed it on f9 or f10.

I also got this error when trying to do the net group map:

[root@ldap2 MigrationTools-47]# net groupmap add rid=2512
ntgroup='Domain Admins'  unixgroup='Domain Admins'
[2009/07/07 17:16:22,  0] lib/smbldap.c:smb_ldap_start_tls(600)
  Failed to issue the StartTLS instruction: Protocol error
[2009/07/07 17:16:23,  0] lib/smbldap.c:smb_ldap_start_tls(600)
  Failed to issue the StartTLS instruction: Protocol error
[2009/07/07 17:16:24,  0] lib/smbldap.c:smb_ldap_start_tls(600)
  Failed to issue the StartTLS instruction: Protocol error
[2009/07/07 17:16:26,  0] lib/smbldap.c:smb_ldap_start_tls(600)
  Failed to issue the StartTLS instruction: Protocol error
[2009/07/07 17:16:27,  0] lib/smbldap.c:smb_ldap_start_tls(600)
  Failed to issue the StartTLS instruction: Protocol error
adding entry for group Domain Admins failed!


Thanks,

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iEYEARECAAYFAkpTyi8ACgkQ5B+8XEnAvqthjQCfYpV99pndm0vKk+dVhFpdM6Bj
XSgAn0zs1k3WxmZ3UqrEJqbdE9+O1cVc
=y8G2
-----END PGP SIGNATURE-----

On Tue, Jul 7, 2009 at 7:20 PM, David
Christensen<David.Christensen@viveli.com> wrote:
> Does anyone know what this error means:
>
> [root@ldap2 samba]# net getlocalsid
> [2009/07/07 17:04:00, 0] lib/smbldap.c:smb_ldap_start_tls(600)
> Failed to issue the StartTLS instruction: Protocol error

What version is your ldap server?

Does it support TLS?

What is your password backend?

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Jonathon Doran wrote:
>> On Wed, Jul 8, 2009 at 11:41 AM, David
>> Christensen<David.Christensen@viveli.com> wrote:
>>>>> I took a look at the /var/log/message log and see:
>>>> with ldap ssl = off ???
>>> Yes, as soon as I enable ldapsam as the password DB, even with ldap
ssl
>>> = off, smb keeps trying to do a StartTLS.
> 
> Did you put "ssl off" in ldap.conf?
I finally got StartTLS turned off, not sure if I had an extra character
in the smb.conf file near ldap ssl, but rewriting the conf file fixed it.

Question, is there a minimum length requirement for the local SID, when
I run net getlocalsid it seems rather short.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iEYEARECAAYFAkpU2YMACgkQ5B+8XEnAvqvyfACeMXV8T1bddPgsh9TcVBTgTnP5
NVMAn0qDCpeTe4YfI5AcDTrUTdWeDPnt
=oWsQ
-----END PGP SIGNATURE-----