[Samba] Samba StartTLS
nbensa at gmail.com
Fri Nov 11 12:23:39 MST 2011
2011/11/11 steve <steve at steve-ss.com>:
> On 11/11/2011 08:31 AM, steve wrote:
>> Lan with opensuse 11.4 Samba and LDAP server. Linux, win-xp and win7
>> Nov 10 11:20:16 hh1 smbd: [2011/11/10 11:20:16.268556, 0]
>> Nov 10 11:20:16 hh1 smbd: Failed to issue the StartTLS
>> Connect error
> TLS_REQCERT never
> allows windows to connect to the samba domain with TLS.
> Can anyone comment on the security of this workaround?
Or you can copy your servers' CA to your clients, in this case your
samba server and use "TLS_REQCERT hard"
Your solution works, but some other machine can impersonate your ldap
server and your smb server will never know the difference.
More information about the samba