Displaying 3 results from an estimated 3 matches for "ldap_connect_error".
2016 Jan 06
3
Stymied with samba vs openldap SSL ("Failed to issue the StartTLS instruction...")
On Wed, Jan 6, 2016 at 10:36 AM, Graham Allan <allan at physics.umn.edu> wrote:
> On 01/06/2016 09:53 AM, Graham Allan wrote:
>
>>
>> The packet dump is a good idea. I get the same failure using straight
>> SSL to port 636, but wireshark might be able to decode any StartTLS
>> negotiation attempt on the default port. Failing that I guess I'll
>>
2016 Jan 06
0
Stymied with samba vs openldap SSL ("Failed to issue the StartTLS instruction...")
...tory of certs.
gdb didn't give me much new, though for the record, it needed a couple
of things to be usable: (1) install newer gdb from ports, and (2) build
samba with --disable-pie
What I got from that was ldap_start_tls_s (ldap_struct, NULL, NULL) in
smb_ldap_start_tls is returning -11 (LDAP_CONNECT_ERROR), which doesn't
really help.
Maximum debugging on the ldap server gave me:
connection_read(3): TLS accept failure error=-1 id=1042, closing
conn=1042 fd=3 closed (TLS negotiation failure)
I'm out of ideas for now, other than maybe trying one of the openldap lists!
G.
2016 Jan 06
1
Stymied with samba vs openldap SSL ("Failed to issue the StartTLS instruction...")
...idn't give me much new, though for the record, it needed a couple of
> things to be usable: (1) install newer gdb from ports, and (2) build samba
> with --disable-pie
>
> What I got from that was ldap_start_tls_s (ldap_struct, NULL, NULL) in
> smb_ldap_start_tls is returning -11 (LDAP_CONNECT_ERROR), which doesn't
> really help.
>
> Maximum debugging on the ldap server gave me:
> connection_read(3): TLS accept failure error=-1 id=1042, closing
> conn=1042 fd=3 closed (TLS negotiation failure)
>
> I'm out of ideas for now, other than maybe trying one of the openlda...