similar to: LDAP + SSL

Hi, sorry for the stupid question, but however i am following all howtos and tutorials it is not working 1) i have created CA certificate - /etc/pki/tls/misc/CA -newca 2) i have generated a new request - /etc/pki/tls/misc/CA -newreq 3) i have signed certificate /etc/pki/tls/misc/CA -signreq SO i have CA in /etc/pki/CA i have newkey.pem i have newcert.pem i have also cealrkey.pem (without

Being a responsible sort of guy, I want to check and make sure I have some decent encryption settings for my authentication systems. Namely Samba PDC (2.2.7a) with an LDAP backend that also authenticates Linux clients (which I've finally gotten running the way I want :-)). According to some documentation I've found, the samba ports are 137/udp,138/udp and 139/tcp. Samba changes

Hi there guys, do not know if post this here or in openldap list, sorry if I disturb you. I configured samba+ldap as a PDC and byt now it's working fine, so, I decided to put some security to the stuff. The problem is that I coudl not make it work, here I what I've done. This is what netstat shows. tcp 0 0 0.0.0.0:389 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:636 0.0.0.0:* LISTEN tcp 0 0

I'm using Samba 3.0.3 on Fedora Core 2 with OpenLDAP 2.1.29 for a backend. I'm getting to typical "The user name could not be found." error upon trying to join a Windows box. I've gone through every digest on lists.samba.org and other sites and nothing has worked yet. Any suggestions: Here's what I've done so far: 1. Installed everything via RPMS: [root@smbtest

After, oh, six months of attempts here and there to read everyone's experiences with Samba/LDAP and inability for a windows 2000/XP machine to join the domain, I finally discovered what was not working properly. In my smb.conf I put: add machine script = /usr/local/sbin/smbldap-useradd -w "%u" As instructed by many How-to's and Idealx. However, I thought to myself, %m

Hi, I have two Samba 4.12.3 DCs (eucalipto and aroeira) on a Debian Buster and a Windows 2008R2 DC (antares). Replication got broken: root at eucalipto:~# samba-tool drs replicate antares eucalipto DC=ad,DC=a1,DC=ind,DC=br ERROR(<class 'samba.drs_utils.drsException'>): DsReplicaSync failed - drsException: DsReplicaSync failed (8418, 'WERR_DS_DRA_SCHEMA_MISMATCH') ? File

Hi, I using openldap 2.0.23 and samba 2.2.4 on a Redhat 7.2 Linux distrib. I've compiled with ldap support dans It works fine in clear mode. I've configured unix auth. in order to use ldap on TLS mode, and it works also. When I try to use TLS more (or SSL on 636), it doesn't work. LDAP doesn't seem to have an error (see logs below), but samba tells "Failed to issue the

Der Rowland, We share that concerns actually and of course if there is a way to avoid it, it is always better. Another fellow suggested us an LDAP-Proxy instead (personally have never setup one). What we actually need in our case scenario, is only that service and not the rest of bells and whistles of an RODC. I just was wondering if someone had experience with what happens if one does

A couple of days ago I decided that I needed a samba and ldap setup. After reading the samba mailing list , specifically the thread "Re: [Samba] Samba and LDAP backend - howto docs problems?" I decided to buy the Official Samba-3 HowTo and Reference guide", (the Samba-3 By Example mentioned in that thread wasn't available in my bookstore and they could't order it for me too)

Hello, I am kind of confused with this situation. I am attempting to build a PDC using TLS/SSL with the following version of software. Samba 3.0.23 OpenLDAP 2.3.19 Fedora Core 5 When I startup the Samba server via the "service" command (service smb start) I get the following errors in my logs. Using SSL: Jul 13 09:52:34 prism smbd[23161]: smbldap_search_suffix: Problem during

I'm trying to set up an Idmap Backend LDAP server for winbind. I don't need a full blown SAMBA PDC; just a server to provide the SID to UID/GID mappings. We're using a Windows Active Directory server to authenticate against but we want the above mappings to be the same across multiple samba machines. Can we just stand up a simple ldap server and just add the mappings and that's

Greetings... I'm struggling trying to set up a samba 3.0.23c PDC with ldap backend. The server is Fedora 5, OpenLdap version 2.3.19-4. I've got it so smbd and nmbd start properly and I can use a windows box and see the domain using srvmgr.exe and usrmgr.exe. I'm then able to signon from a windows XP computer with the command net use \\pdcserver\ipc$ /user:root rootpassword Some

Hey list, I was having a similar SSL/openLDAP problem to this last week. I had a chance to look at this again today and it still appears to not be working. I called godaddy and had the last cert cancelled and reissued as I had mis-typed the name of the CN on the last one. I am trying to setup a Godaddy turbo SSL certificate with an openLDAP 2.4 server under FreeBSD 8.1. The clients are mainly

The serverlog of openldap with loglevel "any": https://gwarband.de/openldap/openldap-connect.log Note: openldap waits 1 Minute before he says "TLS negotiation failure" after the connect. and dovecot says direct "Connect error" I've also delete the TLSCipherSuite from openldap. Tobias Am 2017-03-18 14:01, schrieb Tomas Habarta: > Increase log level on server

I've replicate the settings from ldapsearch to dovecot but no success. To the certificate: Yes it's a *.crt file but I have linked the *.pem file to it and dovecot has read access to that file. I have enabled the debugging in dovecot and have uploaded the output: https://gwarband.de/openldap/dovecot-connect.log And the other site with ldapsearch:

Hello i've samba 3.022 with a ldap 2.2.26. I've no pb to join domain with my win2000, but when I reboot I'm reject (bad username ...). I find in debug that the first param sent by the client was the login and I think it must be the machines name. Any idee ? -- Denis Rohou Service Informatique ville de Lannion 22113 lannion 02-96-46-64-22

Sorry.. One more email.. I tried to create the IDMAP container on the LDAP with an example I found: dn: ou=Idmap,dc=softeng,dc=com objectClass: organizationalUnit ou: idmap structuralObjectClass: organizationalUnit and it gives: adding new entry "ou=Idmap,dc=softeng,dc=com" ldap_add: Constraint violation additional info: structuralObjectClass: no user modification allowed

Hi, Due to some legacy php app I have to integrate an Ubuntu 14.04 server on my AD structure. AD DC is a Ubuntu 18.04 with canonical packages running Samba 4.7 (4.7.6+dfsg~ubuntu-0ubuntu2.5) and member server runs Samba 4.3 (4.3.11+dfsg-0ubuntu0.14.04.19). After installing the 14.04 member server, installed samba packages and dependencies according to wiki and no errors. I get all users on

I've tested your soulution, but it also says the same error. I've tested all combinations of: - tls_ca_cert_file = <cert> - tls = yes - tls_require_cert = demand Every time it says "Connection error". Only when tls is uncommented it says "TLS required". Additional information from my contact with the openldap-technical mailing list: The

SNIP > > > > Hi there, this is my config, I have a CentOS 5.3 x86_64 full updated > with Xen enabled with Samba 3.5.4 sernet RPMs. I have a virtual > machine running Windows 2008 R2 Foundation running full virtualized > on the same machine. > When i tried to join the Windows 2008 to the domain i get this > message: > The following error ocurred attempting to