gitlab: testing of ldap-ssl-ads option

Björn Baumbach bb at sernet.de
Mon Jun 22 08:30:31 UTC 2020


On 6/19/20 11:57 PM, Isaac Boukris via samba-technical wrote:
> On Fri, Jun 19, 2020 at 9:01 PM Isaac Boukris <iboukris at gmail.com> wrote:
>>
>> On Fri, Jun 19, 2020 at 8:20 PM Jeremy Allison <jra at samba.org> wrote:
>>>
>>> On Fri, Jun 19, 2020 at 07:45:28PM +0200, Isaac Boukris via samba-technical wrote:
>>>
>>>> Does anyone have any idea on this error and why I only get it on gitlab?
>>>
>>> My guess would be differing gnutls library
>>> versions. Not sure how to determine what
>>> gnutls library version is on gitlab.
>>
>> In the raw log I now see the host was "Ubuntu 18.04.4", i'll try that.
> 
> My bad, it was rather easy to reproduce, it only worked in my lab
> because I have 'TLS_REQCERT=allow' in ldap.conf.

For testing purposes I typically specify the ca cert the following way:

LDAPTLS_CACERT=/var/lib/samba/private/tls/ca.crt ldapsearch -H ...

Best regards,
Björn

-- 
SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
phone: 0551-370000-0, mailto:kontakt at sernet.de
Gesch.F.: Dr. Johannes Loxen und Reinhild Jung
AG Göttingen: HR-B 2816 - http://www.sernet.de



More information about the samba-technical mailing list