enabling secure ldap samba4

Michael Wood esiotrot at gmail.com
Fri Aug 20 10:58:54 MDT 2010


On 13 June 2010 16:56, Matthieu Patou <mat at samba.org> wrote:
> On 13/06/2010 14:23, Matthias Rohm wrote:
>> Where do I have to change parameters for enabling secure slapd for TLS
>> encrypion? I was not able to find anything in the tree of samba 4.
> When using the ldb backend openldap is not used, so you don't need to do
> anything the ldaps protocol is supported by default (and activated), when

I'm trying to talk to Samba4 via LDAP using TLS, and I'm getting the
following exception:

Traceback (most recent call last):
  File "/tmp/test.py", line 12, in <module>
  File "/usr/lib/python2.5/site-packages/ldap/ldapobject.py", line
528, in start_tls_s
    return self._ldap_call(self._l.start_tls_s)
  File "/usr/lib/python2.5/site-packages/ldap/ldapobject.py", line 97,
in _ldap_call
    result = func(*args,**kwargs)
ldap.OPERATIONS_ERROR: {'info': 'START-TLS: Failed to setup TLS
socket', 'desc': 'Operations error'}

Looking at the packet capture, I see this message comes back from the
server without any SSL certificate being sent.

How do I go about debugging this?


Michael Wood <esiotrot at gmail.com>

More information about the samba-technical mailing list