search for: tstream_tls_retry_handshak

...tes and everything seem to check out. But this week (and with one appliance -- my firewall), I'm finding that maybe 3/20 times the bind will fail for perhaps 10 seconds. During this time, the logs read (for each failure): [2018/09/26 11:05:52.824630, 1] ../source4/lib/tls/tls_tstream.c:1439(tstream_tls_retry_handshake) TLS ../source4/lib/tls/tls_tstream.c:1439 - A TLS fatal alert has been received. I've repointed authentication to a single server (instead of using DNS round robin that apparently didn't work -- different issue), and manually spammed auth tests, which is how I was able to grab the abov...

Am 18.09.19 um 19:16 schrieb Kris Lou via samba: > More than likely, certificate issues. > > If you use the IP in pfsense, then the Samba certificate needs to have the > IP as the CN. So you suggest to contact the dc via hostname ... googled this query command: # openssl s_client -connect adc1:636 tells me ... CONNECTED(00000003) depth=0 O = Samba Administration, OU = Samba -

...day I set up the pfsense-OpenVPN-Server to auth against the samba-AD worked great already ... Now without a change I get errors and wonder why. I used the IP as "host" and TCP-STARTTLS to port 389 log.samba shows: [2019/09/18 18:38:22.123976, 1] ../source4/lib/tls/tls_tstream.c:1439(tstream_tls_retry_handshake) TLS ../source4/lib/tls/tls_tstream.c:1439 - A TLS fatal alert has been received. [2019/09/18 18:38:22.124027, 1] ../source4/ldap_server/ldap_extended.c:89(ldapsrv_starttls_postprocess_done) ldapsrv_starttls_postprocess_done: accept_tls_loop: tstream_tls_accept_recv() - 5:Input/output error =...

Hello, I'm having a problem with using TLS in samba 4.1.4. When I try to connect to LDAP of samba 4 there is an error in the logs, which is: [2014/03/18 15:34:12.631262, 1] ../source4/lib/tls/tls_tstream.c:1338(tstream_tls_retry_handshake) TLS ../source4/lib/tls/tls_tstream.c:1338 - A record packet with illegal version was received. Here's the php script that tries to connect to the samba 4: <?php $ldap="samba.domain.com"; $usr="test at domain.com"; $pwd="s3cr3t"; $ds=ldap...

...t. > > But this week (and with one appliance -- my firewall), I'm finding that > maybe 3/20 times the bind will fail for perhaps 10 seconds. During this > time, the logs read (for each failure): > > [2018/09/26 11:05:52.824630, 1] > ../source4/lib/tls/tls_tstream.c:1439(tstream_tls_retry_handshake) > TLS ../source4/lib/tls/tls_tstream.c:1439 - A TLS fatal alert has been > received. > > I've repointed authentication to a single server (instead of using DNS > round robin that apparently didn't work -- different issue), and manually > spammed auth tests, which is h...

...ainst the samba-AD > > worked great already ... > > Now without a change I get errors and wonder why. > > I used the IP as "host" and TCP-STARTTLS to port 389 > > log.samba shows: > > [2019/09/18 18:38:22.123976, 1] > ../source4/lib/tls/tls_tstream.c:1439(tstream_tls_retry_handshake) > TLS ../source4/lib/tls/tls_tstream.c:1439 - A TLS fatal alert has been > received. > [2019/09/18 18:38:22.124027, 1] > > ../source4/ldap_server/ldap_extended.c:89(ldapsrv_starttls_postprocess_done) > ldapsrv_starttls_postprocess_done: accept_tls_loop: > tstream_tls_acc...

...> Am 18.09.19 um 19:28 schrieb Stefan G. Weichinger via samba: > >> So I would have to use "adc1.arbeitsgruppe.mydomain.at" > > Tried that. Doesn't help so far. > > gives: > > [2019/09/18 19:32:07.544332, 1] > ../source4/lib/tls/tls_tstream.c:1439(tstream_tls_retry_handshake) > TLS ../source4/lib/tls/tls_tstream.c:1439 - A TLS fatal alert has been > received. > [2019/09/18 19:32:07.544401, 1] > ../source4/ldap_server/ldap_extended.c:89(ldapsrv_starttls_postprocess_done) > ldapsrv_starttls_postprocess_done: accept_tls_loop: > tstream_tls_accept_r...

...eek (and with one appliance -- my firewall), I'm finding that > > maybe 3/20 times the bind will fail for perhaps 10 seconds. During this > > time, the logs read (for each failure): > > > > [2018/09/26 11:05:52.824630, 1] > > ../source4/lib/tls/tls_tstream.c:1439(tstream_tls_retry_handshake) > > TLS ../source4/lib/tls/tls_tstream.c:1439 - A TLS fatal alert has been > > received. > > > > I've repointed authentication to a single server (instead of using DNS > > round robin that apparently didn't work -- different issue), and manually > > s...