[Samba] SSL, LDAP SSL and certificates

Diego Rivera lrivera at racsa.co.cr
Tue Sep 10 19:09:00 GMT 2002


Hello all

Is there a timetable for implementing specifying the certificate a Samba
server might use to be authenticated by the LDAP server if the LDAP
server only accepts "certified" clients?

I.e., parameters like "ldap client {cert,key}" and "ldap CA
cert{Dir,File}?

Also, I tried samba SSL support on two machines, using an already-tested
set of certificates (my own CA, works with other stuff, etc), and while
session crypto is successfully negotiated, in the end the session fails
with "Session setup failed: SUCCESS - 0".

I seem to recall something about this "erroneous error message" on
previous threads - any comments?

I also run into this using winbind, which I found out, works against a
samba PDC after all - it was misconfiguration on my part.

BTW: The winbind thing is stranger still - if I use pam_winbind for
auth, the first login is successful, but subsequent logins cause the
aforementioned "SUCCESS - 0" error message displayed (albeit in a
different context - client pipe error or something of that sort).

Best

Diego





More information about the samba mailing list