Rowwland if I do that , I have the error Unknown resolve method 'hosts'
- three tests:
ldbsearch -H ldap://midominio:636 -b
"cn=jcbatman3,cn=Users,dc=midominio,dc=ar" -s sub
'(&(sAMAccountName=jcbatman3)(memberOf=*))' memberOf -k yes
Unknown resolve method 'hosts'
Failed to bind - LDAP client internal error: NT_STATUS_CONNECTION_RESET
Failed to connect to 'ldap://midominio:636' with backend 'ldap':
(null)
Failed to connect to ldap://midominio:636 - (null)
ldbsearch -H ldap://midominio:389 -b
"cn=jcbatman3,cn=Users,dc=midominio,dc=ar" -s sub
'(&(sAMAccountName=jcbatman3)(memberOf=*))' memberOf -k yes
Unknown resolve method 'hosts'
Failed to bind - LDAP client internal error: NT_STATUS_INVALID_PARAMETER
Failed to connect to 'ldap://midominio:389' with backend 'ldap':
(null)
Failed to connect to ldap://midominio:389 - (null)
ldbsearch -H ldap://midominio -b
"cn=jcbatman3,cn=Users,dc=midominio,dc=ar"
-s sub '(&(sAMAccountName=jcbatman3)(memberOf=*))' memberOf -k yes
Unknown resolve method 'hosts'
Failed to bind - LDAP client internal error: NT_STATUS_INVALID_PARAMETER
Failed to connect to 'ldap://midominio' with backend 'ldap':
(null)
Failed to connect to ldap://midominio - (null)
regards.
El jue, 14 ene 2021 a las 11:58, Rowland penny via samba (<
samba at lists.samba.org>) escribi?:
> On 14/01/2021 08:31, jmpatagonia via samba wrote:
> > Hello Rowland, when using ldbsearch I have this
> >
> > ldbsearch -H ldaps://midominio:636 -b
> > "cn=jcbatman3,cn=Users,dc=prueba,dc=ar" -s sub
> > '(&(sAMAccountName=jcbatman3)(memberOf=*))' memberOf -k
yes
> >
> > TLS failed to missing cafile /var/lib/samba/private/tls/ca.pem - with
> 'tls
> > verify peer = as_strict_as_possible'
> > Failed to connect to ldap URL 'ldaps://midominio:636' - LDAP
client
> > internal error: NT_STATUS_INVALID_PARAMETER_MIX
> > Failed to connect to 'ldaps://midominio:636' with backend
'ldaps': (null)
> > Failed to connect to ldaps://midominio:636 - (null)
> >
> Believe it or not, you do not need to use ldaps, kerberos by itself is
> more secure, so just lose the 's' in ldaps.
>
> Rowland
>
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>