Displaying 5 results from an estimated 5 matches for "jfpa_uy8nhi".
Did you mean:
jfpa_uy8nhy
2017 Dec 04
2
samba net ads join windows active directory with ldap ssl
Hi,
I have enabled ldap ssl on Windows 2008 server active directory and want to
join ads domain with net ads join command.
I am getting below error:-
net ads join -U Administrator
ldap_url_parse_ext(ldap://localhost/)
ldap_init: trying /etc/ldap/ldap.conf
ldap_init: using /etc/ldap/ldap.conf
ldap_init: HOME env is /root
ldap_init: trying /root/ldaprc
ldap_init: trying /root/.ldaprc
ldap_init:
2017 Dec 05
2
samba net ads join windows active directory with ldap ssl
Hi,
On checking it further.
I observe below message from net ads command.
LDAP] TLS: hostname (*X.X.X.X*) does not match common name in certificate (
win.cifs.com).
[LDAP] ldap_err2string
Failed to issue the StartTLS instruction: Connect error
I am able to fetch data successfully from ldapsearch command.
It seems samba is connecting to ldap with IP but in client certificate
domain name is
2017 Dec 05
0
samba net ads join windows active directory with ldap ssl
Hi,
Please help me identify what additional is to be done.
On 4 Dec 2017 15:10, "Arjit Gupta" <arjitk.gupta at gmail.com> wrote:
> Hi,
>
> I have enabled ldap ssl on Windows 2008 server active directory and want
> to join ads domain with net ads join command.
>
> I am getting below error:-
> net ads join -U Administrator
>
2017 Dec 07
0
samba net ads join windows active directory with ldap ssl
Hi,
Any one any suggestion how to make this work.
This issue is reported in ubuntu bug 1576799
<https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1576799?comments=all>
earlier
But the solution suggested of replacing ldap ssl ads = Yes to ldap server
require strong auth = Yes leaves communication in plain format.
Arjit Kumar
9650104435
On Tue, Dec 5, 2017 at 12:18 PM, Arjit Gupta
2017 Dec 11
0
samba net ads join windows/ubuntu active directory with ldap ssl
Hi,
I have modified my /etc/ldap/ldap.conf
cat /etc/ldap/ldap.conf
#TLS_REQCERT HARD
TLS_REQCERT ALLOW
TLS_CACERT /etc/ssl/certs/msadmaster.pem
After above changes net ads is succesfull with ssl/tls
I have verified at Windows AD DC end that TLS is being used for
communication with the help of wireshark.
Though i am not sure what is impact of changing TLS_REQCERT to ALLOW from
HARD