similar to: Samba 3.0.1 and OpenLDAP 2.2.4 with TLS

It is my understanding that a secure ldap connection should only send encrypted data yet my configuration is sending plaintext The following strace output from a smbpasswd results in the following: connect(4, {sin_family=AF_INET, sin_port=htons(636), sin_addr=inet_addr("<ldap server>")}}, 16) = -1 EINPROGRESS (Operation now in progress) ...snip... write(4,

Hello, I am kind of confused with this situation. I am attempting to build a PDC using TLS/SSL with the following version of software. Samba 3.0.23 OpenLDAP 2.3.19 Fedora Core 5 When I startup the Samba server via the "service" command (service smb start) I get the following errors in my logs. Using SSL: Jul 13 09:52:34 prism smbd[23161]: smbldap_search_suffix: Problem during

Hi :) I'm using samba-3.0 with LDAP as a PDC under FreeBSD-5.1. Note that I compiled samba --with-ldap, not --with-ldapsam. I'm having a strange problem with TLS ldap certificates. If I set the following option in smb.conf: "ldap ssl = start_tls", I get errors like this: $ pdbedit -L Failed to issue the StartTLS instruction: Connect error Connection to LDAP Server failed for

How do i get samba to accept a self signed certificate from my ldap server? I have a self signed CA that created a certifcate for my ldap server. I've added the CA to the openssl frame work. <ssl-base>certs/ca.pem and <ssl-base>certs/<ca hash>.0.pem Yet I still get errors from samba 3.0.2 Is it not possible? If I add in SSLeay libraries will that sort it? I beleived that

I know this is something which should have a simple fix but I'm failing to see it somehow. I'm moving samba service between a couple of FreeBSD systems (9.3 to 10.2), and I'm stuck on getting samba on the new machine to connect to our openldap server over ssl - frustrating since I've been running samba+ldap for 15 years or so; feel sure I'm missing something basic!

Hi. I am trying to get Samba 3.0.4, from tarball, working with Fedora Core 1. The problem is that I can't get LDAP authentication with either ssl or start_tls support. I tried compiling ldap on a plain install of fedora. I also tried compiling it after installing openssl-0.9.7d and openldap 2.2.11 clients and libraries from tarball. My ldap configuration of samba is as follows:

I upgraded from 12.2 to 12.4 and found that my happy little eventmachine processes die with: terminate called after throwing an instance of ''std::runtime_error'' what(): call SetTlsParms before calling StartTls Here''s what I believe is the relevant snippet of my code, which calls start_tls() in the connection_completed() callback: connection =

On Tue, Jan 5, 2016 at 3:35 PM, Graham Allan <allan at physics.umn.edu> wrote: > I know this is something which should have a simple fix but I'm failing to > see it somehow. > > I'm moving samba service between a couple of FreeBSD systems (9.3 to > 10.2), and I'm stuck on getting samba on the new machine to connect to our > openldap server over ssl -

> Here are the changes I'd review: > > ?1. After installing the CA cert, did you create a hash link? E.g., > > ? ? /usr/sbin/cacertdir_rehash /etc/openldap/cacerts > > ?2. Make sure you know the difference between /etc/ldap.conf and > ? ? /etc/openldap/ldap.conf. The former is used by nss_ldap, the > ? ? latter by openldap clients. > > ?3. Does /etc/ldap.conf

On 1/5/2016 7:19 PM, Lee Brown wrote: > > A total guess would be to use either ldaps:// and don't bother with > start_tls, or add the :636 to the end of the ldap:// specification as it > seems to me that start_tls is pretty agnostic regarding whatever > protocol it works against (SMTP, LDAP, etc.). ie > > passdb backend = ldapsam:"ldaps://ldap-server-fqdn" >

Hi! I know this should be asked to the Openldap mailing list but: I?m trying to set up a Samba/ldap environment were the Samba server is separated from the ldap server. Everything seams to work on the ldap server and when I do a ldapsearch like this: ldapsearch -H ldap://l1.dbb.su.se/ -b dc=dbb,dc=su,dc=se ?x Everything works on both. But when I do: ldapsearch -H ldaps://l1.dbb.su.se/ -b

Hi everyone. Does anyone have any preferences or ideas for an interface for SSL certificates, both client-side and server-side? At present, the only interface is EventMachine::Connection#start_tls, which uses a built-in self-signed cert on the server side. On the cilent side, it accepts any well-formed cert (that is, it doesn''t check that the remote cert is signed by a trusted authority).

Hi, i was the one who had problems with the start_tls function. I applied the patch yesterday. But now the compiling doesn't work anymore. This is what happens : --------snipp---------- [Lots of compiling output cut away] Linking bin/smbd passdb/pdb_ldap.o: In function `pdb_setsampwent': passdb/pdb_ldap.o(.text+0x1730): multiple definition of `pdb_setsampwent'

Hello, With reference to the problems listed below. I too am having incredibly long start up times. I''m talking minutes here (around 5 minutes). My configuration is not complex I don''t think. We are you using ldap too and the settings are bellow. The network is up as I''m restarting shorewall whilst the machine is running. Any suggestions? Is there no way to

Hallo! I have a problem using samba with ldap and tls: starting ldap using slapd -d1 -h "ldaps://0.0.0.0/" Why does not it work? using ldap ssl = no working thanx Here my smb.conf: ldap server = localhost #ldap port = 389 ldap port = 636 ldap suffix = o=zolnott,dc=de ldap admin dn = uid=ldaproot,o=zolnott,dc=de ldap filter =

> Message: 8 > Date: Mon, 24 Jun 2002 18:13:33 -0500 (CDT) > From: "Gerald (Jerry) Carter" <jerry@samba.org> > To: samba@samba.org > Subject: [Samba] patch for 2.2.5 and check for start_tls with OpenLDAP 2.0.x libs > > This message is in MIME format. The first part should be readable text, > while the remaining parts are likely unreadable without

Hi Im new to this list but im hoping some can help me with the problem described below. Im trying to set up a tesdomain based on one server , OpenSUSE 10 / openldap2-2.2.27-6 / samba-3.0.20b-3.1 I have followed this doc http://www.samba.org/samba/docs/Samba3-ByExample.pdf , cap 5 using PAM og NSS og Idealx smbldap-tools . The follwoing ldap and samba modules are in use

Hi all, What exactly is the difference between ldap and ldapsam compilations? What functional differences are there for samba? I assume you can do user authentication with just ldap? Is ldapsam only necessary for PDC functionality? There seems to be loads of documentation on Samba-as-PDC-to-LDAP, but virtually none that I could find for just samba-to-ldap (over TLS, so no PAM) user

I think I'm having a problem during the vampire process. Would someone tell me why my domain users are being deleted from the Domain Users group after they are created? First, the accounts are being created normally... Creating account: marshah Creating account: marshab Creating account: johnp . . . Creating account: ronniem Creating account: bobbyr Creating account: robertk Creating

Dear list, More questions on my PDC travels ;-) 1. Is it ok, with roaming profiles on, to leave "logon drive = " empty, as this drive seems to be confusing users? 2. All my ldap stuff is using tls, and I just want to confirm that "ldap ssl = start_tls" is looking in /etc/ldap.conf for certificate locations etc.? 3. Is all traffic between Windows clients and the Samba