[Samba] Failed to join win2008 domain when "server ldap signing is required".

Ephi Dror Ephi.Dror at datadomain.com
Wed Apr 15 17:07:45 GMT 2009


We are running samba 3.0.34 and having problem joining windows 2008 domain when "server ldap signing is required".

We configured start-tls, copied over the CA certificate but getting an error for the request to start ssl/tls

To be exact, here is what we see in wireshark:

Our request to the domain: requestName: (LDAP_START_TLS_OID)
Respond from the domain: LDAPMessage extendedResp(1) (00000000: LdapErr: DSID-0C090E0B, comment: Error initializing SSL/TLS, data 0, v1771)

We also saw the same problem with windows 2003 SP2 however; it is working well for any other windows 2003 domain.

Is it a known issue? 

Any hint will be much appreciated.


PS: unfortunately, we can't switch to samba 3.2.x or 3.3.x at the moment to avoid doing tls in the first place.

More information about the samba mailing list