[Samba] Samba and LDAP SSL

Martin Ritchie martin.ritchie at kelvininstitute.com
Fri Feb 6 16:32:29 GMT 2004

Jérôme Tournier wrote:
> Le Wed, Feb 04, 2004 at 05:13:34PM +0000, Martin Ritchie a ecrit:
>>Is anyone using samba with an openldap backend? I've been trying to get 
>>it to use a SSL connection without much success. Has anyone managed to 
>>get it all to work?
> i've done a quick guide. You can have a look here :
> http://samba.idealx.org/dist/doc/smbldap-tools007.html

This guide only suggests using tls. I need to use SSL.

So fully encrypted communication.

The ldap server is setup with a self signed certificate. This all works 
fine for unix logins and lookups.

I can't get samba to go fully SSL with the server.

running strace on the smbd server then running the smbclient on it shows 
the server trying to connect to the ldap server. What it is writing is this:

write(22, "07\2\1\1`2\2\1\3\4$cn=Manager,dc=kelvin"..., 57) = 57

This doesn't look like SSL data to me. Looks plaintext.

My smb.conf file is configure correctly I'm sure.

ldap ssl = on
ldap port = 636 # Though this is not used
ldap server = ki(This is the FQDN)
passdb backend = ldapsam:ldaps://ki.kelvininstitute.com/

It is the ldap or ldaps that specifies the connection port.

Sorry to go on about this but I'm beginning to get pressure to get this 
working and I've run out of ideas about why it isn't working.

Any help would be great


Martin Ritchie

the Kelvin Institute
50, George Street
Scotland, UK
G1 1QE

+44 (0) 141 548 5719

More information about the samba mailing list