search for: ldap_start_tls

I have samba4 4.1.9 on ubuntu 14.04 and I am trying to connect with phpldapadmin. Problem seems to be with the start tls and that PHP ldap_start_tls doesn't like self signed certificates that are not in the local ca. The samba certs are in /var/lib/samba/private/tls. Does php ldap_start_tls use /etc/ldap/ldap.conf ? # TLS certificates (needed for GnuTLS) TLS_CACERT /etc/ssl/certs/ca-certificates.crt Should that line change or BARK! am I...

Hi @all, I cannot use this patch in 2.2.5. I patched the source before with parse_sec.patch ldap_start_tls.patch Makefile.in.patch srv_spoolss_nt.patch addform.diff Containes the samba-2.2.5-printing.patch only parts of the above patches? tom

...ldapsearch -x -D "cn=user,ou=users,dc=dc,dc=local" -p 636 -h PDC -b "DC=dc,DC=local" -w pass output: ldap_result: Can't contact LDAP server (-1) ldapsearch -x -D "cn=user,ou=users,dc=dc,dc=local" -p 636 -h PDC -b "DC=dc,DC=local" -w pass -Z output: ldap_start_tls: Can't contact LDAP server (-1) ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1) ldapsearch -x -D "cn=user,ou=users,dc=dc,dc=local" -p 636 -h PDC -b "DC=dc,DC=local" -w pass -ZZ output: ldap_start_tls: Can't contact LDAP server (-1) openssl s_client -conn...

...ls enabled = Yes tls keyfile = tls/key.pem tls priority = NORMAL:-VERS-SSL3.0 tls verify peer = as_strict_as_possible ldapsearch -U USER -h ldaps://localhost -p636 -w PASS -b dc=internal,dc=test,dc=com,dc=br -s sub '(objectClass=user)' givenName -LLL -n -N -Z ldap_start_tls: Connect error (-11) additional info: (unknown error code) ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1) additional info: (unknown error code) What would be wrong? Em 11-01-2017 14:39, Rowland Penny via samba escreveu: > On Wed, 11 Jan 2017 11:09:15 -050...

Can somebody tell me what this error means (server, domain etc. changed to protect the innocent)? ldapsearch -H ldap://ldapserv-1.example.com:389 -ZZ -W -D cn=Boss,dc=example,dc=com -b dc=example,dc=com uid=testuser homeDirectory ldap_start_tls: Connect error (-11) additional info: TLS error -8023:A PKCS #11 module returned CKR_DEVICE_ERROR, indicating that a problem has occurred with the token or slot. My google searches do not seem to provide any useful information. I am just looking for some hints as to what to look for in my...

I have samba 2.2.5 on RedHat 7.3. I have installed the following patches on samba: Makefile.in.patch ldap_start_tls.patch parse_sec.patch srv_spoolss_nt.patch from ftp://ftp.samba.org/pub/jerry/patches/post-2.2.5 Still experiencing frequent windows nt 4 spooler crashes when installing or removing printers from the samba server. If I disable winbind and the clients login as nobody, the problem goes away. Any h...

Hello Rowland, ldap search command throws error as below. I am unable to search ldap. ------- ldap_initialize( ldap://dc.exza.local:3268 ) ldap_start_tls: Can't contact LDAP server (-1) Enter LDAP Password: ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1) ---------- I am using BIND_DLZ dns back end. and server is listening on 3268 and 3269 -- Thanks & Regards, Anantha Raghava eXzaTech Consulting And Services Pvt. Ltd. Ph: +...

Hi, Did this issue get resolved? Can someone tell me how it was resolved and what needs to be done? I am running into the same issue. Thanks, Prakash

..._read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED] I'm not sure where to go from here. I've tried several different options in /etc/ldap/ldap.conf and I always get that error, unless I comment out #TLS_REQCERT allow then I get: ldapsearch '(sAMAccountName=dumaresq)' -Z ldap_start_tls: Connect error (-11) additional info: (unknown error code) ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1) additional info: (unknown error code) with: [2011/04/23 14:31:29, 3] ../source4/lib/ldb-samba/ldb_wrap.c:319(ldb_wrap_connect) ldb_wrap open of secrets...

RH 7.2 (LPRng) samba installed from 2.2.5-1 rpm with the following patches from http://us4.samba.org/samba/ftp/patches/jerry/post-2.2.5/: Makefile.in.patch addform.diff ldap_start_tls.patch parse_sec.patch srv_spoolss_nt.patch security=domain (using winbind), authenticate against windows pdc and use windows wins server. What I do: Connect to \\share-name from w2k pro as printer admin, double-click printers, right click on a printer in question, select properties. I choose no...

I'm using a Samba4 ADDC and just noticed that the SSL that was created at install time is about to expire. Is there something Samba specific to create a new certificate, or should I manually create a new one using openssl? Thanks!

I am running Redhat Linux 9, openldap 2.2.15, Bdb - 4.2.52, openssl - 0.9.7d, smbldap-tools-0.8.5 and samba - 3.0.6. When I try to migrate my users from NT 4 domain to Samba, using the net vampire command, I get the following error: [2004/08/25 14:58:59, 0]Lib/smbldap.c:smbldap_open_connection(623) Failed to issue the StartTLS instruction: Connect error Broken pipe Am I missing

...di.dll KMKM5530.MDX What level of logs would be helpful in better diagnosing the problem? RH 7.2 (LPRng), winbind, NT PDC, NT WINS server, samba 2.2.5-1 with the following patches from http://us4.samba.org/samba/ftp/patches/jerry/post-2.2.5/: Makefile.in.patch 26-Jul-2002 08:18 1k ldap_start_tls.patch 24-Jun-2002 16:11 1k samba-2.2.5-printing..> 27-Aug-2002 21:17 30k Thank you, ~ Daniel

...ite: want=7, written=7 0000: 15 03 01 00 02 02 30 ......0 TLS trace: SSL3 alert write:fatal:unknown CA TLS trace: SSL_connect:error in SSLv3 read server certificate B TLS trace: SSL_connect:error in SSLv3 read server certificate B TLS: can't connect. ldap_perror ldap_start_tls: Connect error (-11) additional info: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed It seems to indicate that it can't talk to it's CA... does anyone have any suggestions on how to make this work? thanks! -- Here's my RSA Public key: gpg --keyse...

...nd 'status = no' check 15) Fix compilation of pam_smbpass and --with-ldap 16) Fix compilation of samwrapper on Solaris hosts 17) fix logic error in a check for enableing the winbind_pam_auth_crap() code & fix formatting typo in --with-winbind-auth-challenge 18) Correcting check for ldap_start_tls() 19) Fixed a problem with getgroups() where it could include our current effective gid

...$usr="test at domain.com"; $pwd="s3cr3t"; $ds=ldap_connect($ldap); ldap_set_option(NULL, LDAP_OPT_DEBUG_LEVEL, 7); $ldapbind=false; if(ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3)) if(ldap_set_option($ds, LDAP_OPT_REFERRALS, 0)) if(ldap_start_tls($ds)) $ldapbind = ldap_bind($ds, $usr, $pwd); if(!$ldapbind) { echo "ERROR: "; echo ldap_error($ds); echo " (".ldap_errno($ds).")"; } else echo "OK"; ldap_close($ds); And the error from that scrip...

Hi, We provide DC Host's IP address and port as 3268 and user DN of administrator as CN=Administrator,CN=Users,DC=ktkbank,DC=com and supply password. But proxy reports "unable to connect to directory". However, the Proxy's Content Gateway is a member of AD DC and it uses integrated windows authentication. -- Thanks & Regards, Anantha Raghava DISCLAIMER: This

...39;status = no' check 15) Fix compilation of pam_smbpass and --with-ldap 16) Fix compilation of samwrapper on Solaris hosts 17) fix logic error in a check for enableing the winbind_pam_auth_crap() code & fix formatting typo in --with-winbind-auth-challenge 18) Correcting check for ldap_start_tls() 19) Fixed a problem with getgroups() where it could include our current effective gid

...ig * : ldap_base_dn = ou=idmap,dc=suntech idmap config * : ldap_user_dn = cn=admin,dc=suntech ldap delete dn = no ldap ssl = start tls When running the ldapsearch we get ldapsearch -x -ZZ -h server01.suntech -b dc=suntech -s sub -D cn=admin,dc=suntech -w password 'sambadomainname=*' ldap_start_tls: Connect error (-11) additional info: (unknown error code) But when we run the ldapsearch without the ZZ, we get the details ldapsearch -xLLL -H ldap://server01.suntech -b dc=suntech -s sub -D cn=admin,dc=suntech -w password 'sambadomainname=*' dn: sambaDomainName=suntech,dc=sunt...

Hi all! I'm very close to have a fully functional samba and openldap. Thanks to idealx.org. I just need to understand how it works. Everything works accept one thing. When I change TLSVerifyClient allow to TLSVerifyClient demand in slapd.conf and do: ldapsearch -x -ZZ -b 'dc=yourdomain,dc=com' '(objectclass=*)' -d 127 in the end I get: ldap_chkResponseList for msgid=2, all=1