[Samba] How to samba ldap and ssl

Ander Punnar ander.punnar at gmail.com
Tue Aug 9 05:07:26 MDT 2011


Actually... I had a typo in my ldap.conf and that's why openldap syncrepl
failed.
"TLS_REQERT never", missing letter C.
Very embarrassing.
End of offtopic.

On Fri, Aug 5, 2011 at 12:11, Ander Punnar <ander.punnar at gmail.com> wrote:

> 2011/8/4 <samba-request at lists.samba.org>
>
>> I have installed SAMBA + OpenLDAP + TLS successfully with the debian
>> packages. There is no need to rebuild openldap from scratch.
>> My config :
>>
>> Debian Squeeze amd64
>> OpenLDAP: slapd 2.4.23 (Jun 15 2011 13:31:57)
>> Samba v3.5.6
>> OpenSSL 0.9.8o 01 Jun 2010
>>
>
> http://packages.debian.org/squeeze/slapd
>
> Depends: libgnutls26
>
> When you are trying to do syncrepl with StartTLS or ldaps://
> between 2 Debian boxes and use self-signed certs, then it doesn't work.
> When you are using an LDAP client compiled with OpenSSL, then it works,
> because the client tries to verify certs, not the server, and OpenSSL is more
> sane when it comes to self-signed certs.
>
> Yes, I tried that CA.pl/sh script to create own CA,
> debugged with gnutls utils and did lots of other stuff and every time I got
> verification errors.
>
> But this problem is OpenLDAP (debian package) related, not Samba.
>
> --
> Sent from my PC.
>
>


-- 
Sent from my PC.
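
An added example, not part of the original message: a small linter that catches a misspelled TLS option in ldap.conf, such as the "TLS_REQERT" typo described above, and flags TLS_REQCERT settings that do not enforce certificate verification. The option list is taken from ldap.conf(5) and is an assumption to extend for your OpenLDAP version; `lint_ldap_conf` and the sample file are constructed for illustration.

```python
import difflib

# TLS options documented in ldap.conf(5). Assumption: not exhaustive,
# newer OpenLDAP releases add more, so extend this set as needed.
KNOWN_TLS = {
    "TLS_CACERT", "TLS_CACERTDIR", "TLS_CERT", "TLS_KEY", "TLS_CIPHER_SUITE",
    "TLS_PROTOCOL_MIN", "TLS_RANDFILE", "TLS_REQCERT", "TLS_CRLCHECK",
    "TLS_CRLFILE",
}
REQCERT_VALUES = {"never", "allow", "try", "demand", "hard"}
WEAK_REQCERT = {"never", "allow"}  # a bad server certificate is tolerated


def lint_ldap_conf(text):
    """Return (line_number, message) findings for TLS_* lines (hypothetical helper)."""
    findings = []
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        key = parts[0].upper()  # option names are case-insensitive
        value = parts[1].strip() if len(parts) > 1 else ""
        if not key.startswith("TLS_"):
            continue
        if key not in KNOWN_TLS:
            hint = difflib.get_close_matches(key, KNOWN_TLS, n=1, cutoff=0.8)
            msg = f"unknown option {key}"
            if hint:
                msg += f" (did you mean {hint[0]}?)"
            findings.append((lineno, msg))
        elif key == "TLS_REQCERT":
            if value.lower() not in REQCERT_VALUES:
                findings.append((lineno, f"invalid TLS_REQCERT value {value!r}"))
            elif value.lower() in WEAK_REQCERT:
                findings.append(
                    (lineno, f"TLS_REQCERT {value} does not enforce certificate verification"))
    return findings


# Constructed sample input reproducing the typo from the message.
SAMPLE = """\
# ldap.conf (constructed sample)
BASE dc=example,dc=org
TLS_CACERT /etc/ssl/certs/ca.pem
TLS_REQERT never
"""

if __name__ == "__main__":
    for lineno, msg in lint_ldap_conf(SAMPLE):
        print(f"line {lineno}: {msg}")
```
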

