[Samba] Re: Fedora and Samba

Robert Robertedstrom at yahoo.com
Tue May 11 18:11:51 GMT 2004


I forgot to mention something.  The error message I get is

"smbldap_search_suffix: Problem during the LDAP search: error:14090086:SSL
routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed (Connect
error)" with tls support and

"Can't contact LDAP server
        error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate
verify failed
Connection to LDAP Server failed for the 1 try!
Connection to LDAP Server failed for the 2 try!
Connection to LDAP Server failed for the 3 try!
Connection to LDAP Server failed for the 4 try!
Connection to LDAP Server failed for the 5 try!
Connection to LDAP Server failed for the 6 try!"

with ssl support turned on.

"Robert" <Robertedstrom at yahoo.com> wrote in message
news:c7r4nu$mnc$1 at sea.gmane.org...
> Hi.  I am trying to get Samba 3.0.4, from tarball, working with Fedora
Core
> 1.  The problem is that I can't get LDAP authentication with either ssl or
> start_tls support.
>
> I tried compiling ldap on a plain install of fedora.  I also tried
compiling
> it after installing openssl-0.9.7d and openldap 2.2.11 clients and
libraries
> from tarball.  My ldap configuration of samba is as follows:
>
>         idmap backend           = ldapsam_compat:ldap://ldap.domain.tld
>         passdb backend          = ldapsam_compat:ldap://ldap.domain.tld
>         ldap admin dn           = cn=Directory
> Administrator,ou=Maintenance,o=domain
>         ldap delete dn          = no
>         ldap port               = 389
>         ldap server             = ldap.domain.tld
>         ldap ssl                = start_tls
>         ldap suffix             = o=domain
>
>         ldap user suffix        = ou=People
>         ldap group suffix       = ou=Group
>         ldap machine suffix     = ou=Workstations,ou=People
>
> I installed samba 3.0.4, from tarball, on a redhat linux 8.0 box and tls
and
> ssl support works just fine.
>
> Is there something that I need to do to get ssl/tls support enabled.  What
> am I doing wrong?
>
> On the subject of compiling.  Is there a way to statically build the samba
> package and binary programs?  Can someone refer me to a compiling unix
> programs for dummies?
>
> Thanks in advance.
>
>
>
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  http://lists.samba.org/mailman/listinfo/samba
>





More information about the samba mailing list