Bug#411042: [Pkg-samba-maint] Bug#411042: samba -dosen't connect to
OpenLDAP
Steve Langasek
vorlon at debian.org
Mon Feb 19 11:39:30 CET 2007
On Mon, Feb 19, 2007 at 07:31:25AM +0100, Mgr. Peter Tuharsky wrote:
> Steve Langasek wrote / napísal(a):
> >On Thu, Feb 15, 2007 at 01:36:51PM +0100, Mgr. Peter Tuharsky wrote:
> >>We've had a working Samba/LDAP domain based on Sarge. Now we're trying
> >>to move to Etch. We recycled old configs, or modified the new ones to be
> >>equal.
> >>Now, when I start Samba, it seems it cannot connect the LDAP server.
> >>I've got these errors in log:
> >>lib/smbldap.c:smb_ldap_start_tls(612)
> >> Failed to issue the StartTLS instruction: Connect error
> >>lib/smbldap.c:another_ldap_try(1150)
> >> Connection to LDAP server failed for the 1 try!
> >>Soon, the smbd exits.
> >Could you please post your smb.conf?
> Of course. Here You are.
Ok, nothing seems out of the ordinary here, that's too bad -- no easy answer
here.
> passdb backend = ldapsam:"ldap://vedko6.misbb.sk:389"
Are the quotes necessary here? I'm not sure that removing them would make
any difference.
> # 070215: Povodne bolo:
> # ldap ssl = start_tls
> # Lenze vraj Samba 3.x nepodporuje LDAP over SSL, iba ldap_start_tls
> # takze to vraj ma byt bez podtrhovnika start tls:
> # a niektori dokonca uvadzaju ldap ssl = off
> ldap ssl = start tls
Well, that seems it really ought to be sufficient, yes.
How do you have libldap configured to verify the SSL certificates? If you
try to connect to the server with ldapsearch, do you get the same error?
--
Steve Langasek Give me a lever long enough and a Free OS
Debian Developer to set it on, and I can move the world.
vorlon at debian.org http://www.debian.org/
More information about the Pkg-samba-maint
mailing list