[Samba] Samba 2.2.6pre2 + ldapsam + Solaris 9
Adrian Quek
adrianq at bii.a-star.edu.sg
Tue Sep 3 10:05:59 GMT 2002
Adrian Quek wrote:
> Gerald Carter wrote:
>
>>On Tue, 3 Sep 2002, Adrian Quek wrote:
>>
>>
>>
>>>Hi,
>>>
>>>I've been unable to get samba to work with ldap over ssl or tls on a
>>>solaris 9 machine. I thought that the ldap in solaris 9 supports tls
>>>natively now. However I still get the error in my log file :
>>>
>>>
>>>
>>>>[2002/09/02 16:35:10, 0] passdb/pdb_ldap.c:ldap_open_connection(202)
>>>> ldap_open_connection: Secure connection not supported by LDAP client
>>>>libraries!
>>>>
>>>>
>>>>[2002/09/02 15:03:48, 0] passdb/pdb_ldap.c:ldap_open_connection(187)
>>>> ldap_open_connection: StartTLS not supported by LDAP client libraries!
>>>>
>>>>
>>> I've compiled my samba with --with-pam --with-ldapsam
>>>--with-pam_smbpass --with-ssl. Is it possible to get it working with the
>>>ldap provided by sun? or do I have to install openldap?
>>>
>>>
>>
>>Sun was supposed to put SSL in their LDAP client libraries in Solaris 9,
>>but I've not had a Solaris 9 box to update configure.in to reflect
>>this....
>>
>>
>>
>>
>>
>>cheers, jerry
>> ---------------------------------------------------------------------
>> Hewlett-Packard http://www.hp.com
>> SAMBA Team http://www.samba.org
>> -- http://www.plainjoe.org
>> "Sam's Teach Yourself Samba in 24 Hours" 2ed. ISBN 0-672-32269-2
>> --"I never saved anything for the swim back." Ethan Hawk in Gattaca--
>>
>>
>>
> So is there anyway to get around this?
>
> -Adrian
>
With some elementary hacking, I've managed to get samba 2.2.6pre2 to
work with Sun's ldap. yay! :) A summary of what I did is shown below. I
couldn't figure out how configure generates the start_tls define in
config.h, so i just edited it manually. Also I wasn't able to figure out
how to do SSL instead. I can send U the ldap.h from solaris 9 if it
helps. Also this is working with pam, pam_smbpass and ldap-sam. We can
now have a consolidated(unix and samba) username and password in ldap
and change it all with a single passwd command.
configure
---------
diff configure configure.bak
12279c12279
< for ac_func in ldapssl_install_routines
---
> for ac_func in ldap_start_tls_s
passdb/pdb_ldap.c
-----------------
diff pdb_ldap.c pdb_ldap.c.bak
179c179
< if ((rc = ldapssl_install_routines
(*ldap_struct)) != LDAP
_SUCCESS)
---
> if ((rc = ldap_start_tls_s (*ldap_struct, NULL,
NULL)) !=
LDAP_SUCCESS)
include/config.h
----------------
diff config.h config.h.bak
643c643
< #define HAVE_LDAP_START_TLS_S
---
> /* #undef HAVE_LDAP_START_TLS_S */
regards,
Adrian
-------------- next part --------------
HTML attachment scrubbed and removed
More information about the samba
mailing list