[Samba] Configuration help
Guillaume Couvreur
guillaume.couvreur at ntico-operation.com
Tue Aug 6 09:39:05 UTC 2019
ok it's done but it does'nt work
Le mar. 6 août 2019 à 11:11, L.P.H. van Belle via samba <
samba at lists.samba.org> a écrit :
> Hai,
>
> If its really Debian 9, then i dont think, this is not going to work. >>
> /etc/openldap/ldap.conf
>
> I suggest the following.
>
> apt-get install ca-certificates
> mkdir -p /usr/local/share/ca-certificates/samba-ad-dc
> ln -s /var/lib/samba/private/tls/cert.pem
> /usr/local/share/ca-certificates/samba-ad-dc/samba.crt
> update-ca-certificates
>
> /etc/ldap/ldap.conf
> BASE dc=some,dc=dom,dc=tld
> URI ldaps://dc1.some.dom.tld ldaps://dc2.some.dom.tld
> TLS_REQCERT allow
>
> # Optional, depending on need add:
> #BIND_DN = CN=ldapBindUser,OU=Service-Accounts,DC=some,DC=dom,DC=tld
> #BIND_PW = SomePasshere
>
> Something like that.
>
>
> Greetz,
>
> Louis
>
>
>
> > -----Oorspronkelijk bericht-----
> > Van: samba [mailto:samba-bounces at lists.samba.org] Namens
> > Guillaume Couvreur via samba
> > Verzonden: dinsdag 6 augustus 2019 10:23
> > Aan: Rowland penny
> > CC: sambalist
> > Onderwerp: Re: [Samba] Configuration help
> >
> > I can't find /etc/openldap/ldap.conf
> >
> > Le mar. 6 août 2019 à 10:16, Rowland penny via samba
> > <samba at lists.samba.org>
> > a écrit :
> >
> > > On 06/08/2019 08:41, Guillaume Couvreur wrote:
> > > > Distro : Debian 9
> > > >
> > > > log samba and smb as attachments
> > >
> > > The log just tells me that samba_dnsupdate needs looking at. ;-)
> > >
> > > Try this:
> > >
> > > Add to the [global] section of smb.conf:
> > >
> > > ldap server require strong auth = allow_sasl_over_tls
> > >
> > > Now modify/create /etc/openldap/ldap.conf
> > >
> > > Add/change:
> > >
> > > HOST <YOUR_DCs_FQDN>
> > > TLS_CACERT /var/lib/samba/private/tls/cert.pem
> > > TLS_REQCERT never
> > >
> > > Restart Samba and try again.
> > >
> > > If it still doesn't work, can we see 'log.winbindd'
> > >
> > > Rowland
> > >
> > >
> > >
> > > --
> > > To unsubscribe from this list go to the following URL and read the
> > > instructions: https://lists.samba.org/mailman/options/samba
> > >
> >
> >
> > --
> >
> > *Guillaume COUVREUR*
> > *Chef de projet technique*
> > guillaume.couvreur at ntico-operation.com
> > 03.66.72.80.79
> > 1A, avenue de l'Harmonie
> > 59650 VILLENEUVE D'ASCQ
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions: https://lists.samba.org/mailman/options/samba
> >
> >
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
--
*Guillaume COUVREUR*
*Chef de projet technique*
guillaume.couvreur at ntico-operation.com
03.66.72.80.79
1A, avenue de l'Harmonie
59650 VILLENEUVE D'ASCQ
More information about the samba
mailing list