[Samba] Samba + LDAP + TLS
joshkel at gmail.com
Tue Oct 25 13:23:21 GMT 2005
On 10/24/05, Jukka Hienola <jukka.hienola at helsinki.fi> wrote:
> My question is, how changing "passdb backend" from ldap.server,name to
> 127.0.0.1 can have this effect, since the server name should have been
> resolvable with /etc/hosts file? Does it has something to do with my
> certificate files, which are generated using ldap.server.name? However,
> I was able to login with TLS and Apache, so I don't think that's the case.
Some LDAP clients are more or less forgiving of certificate name
mismatches. OpenLDAP 2.0.27 will work if the name mismatches;
OpenLDAP 2.2.23 won't; IIRC, pam_ldap won't, even if linked against
OpenLDAP 2.0.27 libraries. So that may explain why some software
works and some doesn't.
More information about the samba