[Samba] How to samba ldap and ssl

Ander Punnar ander.punnar at gmail.com
Fri Aug 5 03:11:10 MDT 2011


2011/8/4 <samba-request at lists.samba.org>

> I have installed SAMBA + OpenLDAP + TLS successfully with the Debian
> packages. There is no need to rebuild openldap from scratch.
> My config:
>
> Debian Squeeze amd64
> OpenLDAP: slapd 2.4.23 (Jun 15 2011 13:31:57)
> Samba v3.5.6
> OpenSSL 0.9.8o 01 Jun 2010
>

http://packages.debian.org/squeeze/slapd

Depends: libgnutls26

When you are trying to do syncrepl with StartTLS or ldaps://
between 2 Debian boxes and use self-signed certs, then it doesn't work.
When you are using an LDAP client compiled with OpenSSL, then it works,
because the client tries to verify certs, not the server, and OpenSSL is
more sane when it comes to self-signed certs.

Yes, I tried that CA.pl/sh script to create my own CA,
debugged with gnutls utils and did lots of other stuff, and every time I got
verification errors.

But this problem is OpenLDAP (Debian package) related, not Samba.

-- 
Sent from my PC.

