[Samba] Samba 3.3 ldap tools

Juan Asensio Sánchez okelet at gmail.com
Wed Jun 30 00:37:04 MDT 2010

These connections that give error are stablished with the ldap system libs,
not with smbldap-tools (that use perl), so you have to configure your system
to use your certificates (etc/{ldap,openldap}/ldap.conf).


2010/6/30 Indexer <indexer at internode.on.net>

> I am currently trying to setup my Samba server to act as a samba PDC, with
> ldap as a backend. I have a selfsigned CA, that has signed the certificates
> to my ldap server.
> Starting my smbd, i keep getting the message
> smb_ldap_setup_connection: ldap://ldap.streetgeek.lan/
> Failed to issue the StartTLS instruction: Connect error
> Connection to LDAP server failed for the 1 try!
> smbldap_open: already connected to the LDAP server
> Failed search for base: dc=dev,dc=gamersalliance,dc=net,dc=au, error: -1
> (Can't contact LDAP server) (error:14090086:SSL
> routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed (self signed
> certificate in certificate chain))
> I have set in smbldap-tools.conf to verify="allow", as well as in ldap.conf
> to TLS_REQCERT = allow, so i dont understand why this is happening. All of
> my systems are pointed to the same cacert file so i doubt that it is
> confusing certificates. Are there any other options i should be considering?
> Thanks
> William
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list