similar to: autogenerated self-signed certificate problem

You missing or : Smb.conf tls cafile = tls/ca.pem And/or ( showing the Debian steps ), the CA is missing in ca-certifcates.crt In : /etc/ldap/ldap.conf TLS_CACERT /etc/ssl/certs/ca-certificates.crt Steps todo. mkdir /usr/local/share/ca-certificates/personal-cert Put the root in that folder. Run : update-ca-certificates You need to install ca-certificates first. apt install

In some customer yes, but they are with LTSP (pxe boot) where another use graphical interface, but would rather have a web interface to change the password. This tambpem would be used for windows stations off the field. Em 10-05-2016 16:05, Rowland penny escreveu: > Not even on the clients ??

I dont know LTB or what it exact is, but Add in /etc/ldap/ldap.conf TLS_REQCERT allow Setup your own "rootCA" like this. ( if not done, apt-get install ca-certificates ) mkdir -p /usr/local/share/ca-certificates/chrono mv /etc/ssl/ca_chrono-dom.lan.pem /usr/local/share/ca-certificates/chrono update-ca-certificates ! MUST BE /usr/local/share/ca-certificates else its not picked up

Hello! You can now change the password for the User when even this expired password or "next logon"? PS: With the active account, was already working the password change. Hug. Em 11-05-2016 07:17, Charles-Henri Falconnet escreveu: > It works now for all my web apps ! > If you have a AC.pem, juste rename in AC.crt (update-ca-certificates > recognizes only crt files, man

Hi list, Same wish here! I'd like my users to change their password using LTB (great tool) but since 4.2.10 (debian jessie) I lost the connection to samba4. I tried using TLS and port 636 in LTB's config.inc.php with a dedicated user and put the self signed AC from private/tls but it didn't work. Before the upgrade, i was on samba 4.1.17 (debian jessie) and simple bind on port 389

Hi all, Am trying to find a way to disable SSLv3 protocol in smb.conf on Samba4. I am using the following: tls enabled = yes tls keyfile = tls/myKey.pem tls certfile = tls/myCert.pem tls cafile = With a self-signed cert. But when I remote connect from another host using: openssl s_client -showcerts -connect samba4-dc:636 -ssl3 I get a successful

Hello, I'm using dovecot 2.2.13 on Debian stable. My users are authenticated through PAM, and stored in an LDAP backend I'm trying to set-up replication with ssl, following (mainly) this : http://wiki2.dovecot.org/Replication 1) I only diverted from the instructed setup by not setting "doveadm_port = 12345", as it would give me errors of the like: > Fatal:

Hello, I tryed to eneble TLS connection from postfix to dovecot lmtp. Unfortunely I have problem with certificate, postfix shows, 2015-07-27T12:51:15.025333+02:00 k30 postfix/lmtp[4572]: Untrusted TLS connection established to 192.168.67.30[192.168.67.30]:24: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits) I checked certs by openssl s_client: #openssl s_client -connect

If I were guessing, based on some experience with certificate usage in other apps, concatenate your certificate and intermediate certificates into a single file which is then your "tls certfile" then point "tls cafile" to your issuers proper CA or just to your distro's CA bundle, e.g /etc/pki/tls/certs/ca-bundle.crt. Nick On 06/08/2020 16:36, MAS Jean-Louis via samba

On Tue, 22 May 2018 11:03:48 -0300 Carlos Bordon via samba <samba at lists.samba.org> wrote: > and for 4.6 what recommends? upgrade directly to 4.8.2? > You can upgrade to 4.8.2, just steer clear of 4.8.0 and 4.8.1 ;-) Rowland

jajaja ok, you made me laugh I want the firewall to have the ability to see samba users and groups to be able to make firewall rules not only by ip, but also by users 2018-06-01 11:48 GMT-03:00 Rowland Penny via samba <samba at lists.samba.org>: > On Fri, 1 Jun 2018 11:36:47 -0300 > Carlos Bordon via samba <samba at lists.samba.org> wrote: > > > tell me , what you

Hello All, We have interesting issue. When application connect to PDC by port 389 (without ssl) everything works fine. When we try to use SSL by port 636 we have issue. ldapsearch -x -D "cn=user,ou=users,dc=dc,dc=local" -p 636 -h PDC -b "DC=dc,DC=local" -w pass output: ldap_result: Can't contact LDAP server (-1) ldapsearch -x -D

On 5/22/2018 9:41 AM, Carlos Bordon via samba wrote: > What is the problem of 4.8.0 and 4.8.1? > > 2018-05-22 9:38 GMT-03:00 Stefan G. Weichinger via samba < > samba at lists.samba.org>: > >> Am 2018-05-22 um 14:35 schrieb Rowland Penny via samba: >> >>> If everything is working okay, you can stick with 4.7.x , but you can, >>> if you so wish,

On 5/22/2018 9:50 AM, Carlos Bordon via samba wrote: > i installed in one DC, > > Could I go from 4.8.1 to 4.82? > > 2018-05-22 10:46 GMT-03:00 lingpanda101 <lingpanda101 at gmail.com>: > >> On 5/22/2018 9:41 AM, Carlos Bordon via samba wrote: >> >>> What is the problem of 4.8.0 and 4.8.1? >>> >>> 2018-05-22 9:38 GMT-03:00 Stefan G.

Hi! i have 3 dcs with samba i demote bdc and replace it with dc2 with de same ip the replicate with dc1 is ok, and the replicate of dc3 with dc1 is ok, the problem is in dc2 with dc3 i found the problem, but i dont known how fixes when i do samba-tools drs showrepl in dc3 i see in connection appears the old dc named bdc and dont appears the new, dc2 i try with samba-tool drs replicate but

yes, but with kerberos i dont have the posibility to make policies or rules for traffic filter 2018-06-01 13:14 GMT-03:00 Rowland Penny via samba <samba at lists.samba.org>: > On Fri, 1 Jun 2018 13:03:08 -0300 > Carlos Bordon via samba <samba at lists.samba.org> wrote: > > > is a palo alto > > > > It has the form of filtering by users for what I was

The DC is a Ubuntu 16.04, with samba 4.8 I want a local user in alls workstations with admin permissions, is for the support area, for install apps and if i make a freeipa and make the trust? i could have the users and GPOs for windows and users and tools for linux, is possible? El lun., 14 ene. 2019 a las 17:26, Rowland Penny via samba (< samba at lists.samba.org>) escribió: > On

Hi! i going to migrate all windows workstation to fedora and I need for example: make an administrator users in all workstation, is possible make a gpo for linux? All the workstation are in domain...obviosly is a SAMBA! King regards From Argentine

Hi all, Does anyone know if it exists a patch for OpenSSH for Windows to allow authentication through certificates? Is it possible to make one if it doesn't exists? Using OpenSSH for Windows 3.8p1-1 20040709 Build. I know there is Roumen Petrov patch, but is for unix machines if i'm not mistaken. I need a similar one for Windows that work with the Roumen Petrov patch so i can have

Hi All, This Samba release changelog (https://wiki.samba.org/index.php/Updating_Samba#Incorrect_TLS_File_Permissions) specifically mentions a security issue and that that the multiple *.pem files needed for LDAP via TLS all need "special permissions" - and mentions to delete old files without the required permissions to force file renewal. Yet in the official Samba documentation