similar to: LDAP problem

Hello Rowland, You shouldn't use 'ldaps' and ':636', in fact you shouldn't use ':636' at all. OK, mini-howto coming up ;-) The DC is dc1.samdom.example.com The AD domain DN is dc=samdom,dc=example,dc=com There is this line in the DC smb.conf: tls certfile = tls/cert.pem The reverse dns zone has been created and operational The client is

Hello everyone, I'm using Samba4 in my CentOS server, and it was just fine. I could always use ldap commands like 'ldapsearch' and 'ldapadd' and I had no problem. But one day, I don't know why, I couldn't use more ldapsearch or ldapadd. They return this: ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1) I'm using the same command as always, like:

Hello Brian, Sorry to my late answer, I did what you suggest previously This error suggests a problem with your certificate. If it used to work previously, then check it hasn't expired. openssl s_client -connect devsamba.lucas.ufes.br:636 copy-paste the certificate into a pem file, including begin/end lines openssl x509 -in mycert.pem -noout -enddate And check your root CA

Hi, ldapsearch with an ldaps-URL stopped working recently, probably with the update from openssl 1.0.0 to openssl 1.0.1. On a server with up-to-date packages (openssl-1.0.1e-16.el6_5.x86_64, openldap-clients-2.4.23-32.el6_4.1.x86_64) I get the following errors when issuing an ldapsearch (some parts anonymized): [bad]# ldapsearch -H "ldaps://ldap.domain.org:6636/" -D <binddn>

Hi all, I'd like to perform some ldapsearch against my AD domain. And I'd like to be able to perform these ldapsearch using GSSAPI to avoid usage of password in scripts. DC are using default configuration file: ---------------------------------------- # Global parameters [global] workgroup = SAMBA.DOMAIN realm = SAMBA.DOMAIN.TLD netbios name = M707 server

Hello Marc, Thanks for your documentation. Well I followed what you wrote, perhaps my wbinfo command fails when I try to test the connectivity. # wbinfo --ping-dc checking the NETLOGON dc connection failed failed to call wbcPingDc: WBC_ERR_WINBIND_NOT_AVAILABLE Could not ping our DC My smb.conf is now this: # Global parameters [global] netbios name = DEVLUCAS1 realm =

Rowland, I looked at Samba wiki, but it doesn't helped me as I wanted, maybe I'm doing something wrong. This is what I tried to do: yum install pam* ./configure.developer --with-pam make && make install ln -s /usr/local/samba/lib/libnss_winbind.so.2 /lib64/libnss_winbind.so ln -s /lib64/libnss_winbind.so /lib64/libnss_winbind.so.2 modified my nsswitch.conf passwd:

Hi list! I'm always trying to configure Dovecot to ask our LDAP-Server (AD) in order to authenticate the users. I really don'know what can I do wrong... I configured my Dovecot so: hosts = chimaera.company.local dn = CN=mailproxy,CN=Users,DC=company,DC=local dnpass = SECRET sasl_bind = no tls = no debug_level = -1 auth_bind = yes ldap_version = 3 base = dc=company,dc=local deref =

I hope that someone will be so kind to help me into solving this really strange thing (don't know if it is a bug or not) I have a samba4 server and want to use postfix+dovecot - dovecot version is 2.0.11 as for the postfix side everything is OK (all the LDAP lookups works without any error, tested also manually with postmap -q) the real pain is with dovecot deliver: it seems that

Hello list, I am struggling with setting up dovecot 2.1.7 with samba 4.1.2 on debian wheezy. Dovecot should authenticate via LDAP, but I?cannot get it to work reliably. Sometimes auth works, sometimes not. Referals are already activated in ldap.conf ? LDAP-authentication works fine with other clients (Apache Directory Studio, ?)? Has somebody got a similar setup running? I would love some hints

Things goes further. To use GSSAPI and so the Kerberos ticket obtained with kinit I was missing "-Y GSSAPI". It seems GSSAPI and TLS are meant to be used together: ---------------------------------------- ldapsearch -Y GSSAPI -LLL -H ldaps://SAMBA.DOMAIN.TLD SASL/GSSAPI authentication started ldap_sasl_interactive_bind_s: Server is unwilling to perform (53) additional info:

ERRATUM: It seems GSSAPI and TLS are *NOT* meant to be used together: 2015-10-15 16:20 GMT+02:00 mathias dufresne <infractory at gmail.com>: > Things goes further. To use GSSAPI and so the Kerberos ticket obtained > with kinit I was missing "-Y GSSAPI". > > It seems GSSAPI and TLS are meant to be used together: > ---------------------------------------- >

Your smb.conf is for a Domain Controller. Winbind is meant to run on member servers. You are setting up a domain controller or you are joining this samba to an existing domain? Em 04/01/2017 10:25, Lukz Ferris via samba escreveu: > Rowland, > > > I looked at Samba wiki, but it doesn't helped me as I wanted, maybe I'm doing something wrong. > > > This is what I tried

Hi, We're seeing some TLS LDAP related issues in our Samba 4 PDC. Slapd gives the same message with SSL turned on and off in smb.conf slapd.service - LSB: OpenLDAP standalone server (Lightweight Directory Access Protocol) Loaded: loaded (/etc/init.d/slapd; bad; vendor preset: enabled) Active: active (running) since Tue 2018-04-03 14:54:38 AEST; 4min 12s ago Apr 03 14:54:37 mypdc

Hi all! Do you know if there is any R function/package that can be used to estimate "logit" models with panel data and forecasting? Thanks, Moysés. -- Moysés Nascimento Bacharel em Estatística/UFES Mestre em Estatística Aplicada e Biometria/UFV Doutorando em Estatística e Experimentação Agropecuária/UFLA moysesnascim@gmail.com [[alternative HTML version deleted]]

Wiki seems to be out of date here. The wiki reference's [1] [2] a "setup/provision-backend" script, as well as a "setup/provision" script, yet current git only has a setup/provision executable. Some #samba and #openldap IRC advice was that provision-backend wasnt needed anymore, but based off the errors i'm seeing, there's definitely _something_ missing, I just

I know this is something which should have a simple fix but I'm failing to see it somehow. I'm moving samba service between a couple of FreeBSD systems (9.3 to 10.2), and I'm stuck on getting samba on the new machine to connect to our openldap server over ssl - frustrating since I've been running samba+ldap for 15 years or so; feel sure I'm missing something basic!

Something like this. But this link has no info that I need. On the roadmap: https://wiki.samba.org/index.php/Roadmap There is information <https://wiki.samba.org/index.php/Samba4/LDAP_Backend#.28De.29motivation> about general purpose LDAP server as the backend (e.g. openLDAP). But that's not what i was looking for. I looking for status of `passdb backend = ldapsam` feature. This

Hi list, I'm getting stuck at the replication part for my BDC. Could someone familiar with OpenLDAP replication shed some light? I'm sure that password is correct Thanks for taking a look at! 1. slapd.conf (master) # $OpenLDAP: pkg/ldap/servers/slapd/slapd.conf,v 1.23.2.8 2003/05/24 23:19:14 kurt Exp $ # # See slapd.conf(5) for details on configuration options. # # include

Hello, my dovecot installation has been working fine against AD till we upgrade from AD 2003 to AD 2008. As http://wiki2.dovecot.org/AuthDatabase/LDAP said, now I'm not able to connect AD through 389 port. The port 3268 works fine though. (...) Sep 7 19:02:05 <dovecotServer> dovecot: imap-login: Error: master(imap): Auth request timed out (received 0/12 bytes) Sep 7 19:02:05