[Samba] Samba StartTLS
nbensa at gmail.com
Sat Nov 12 10:52:58 MST 2011
2011/11/11 steve <steve at steve-ss.com>:
> So, On a
> win 7 client, where do I put the CA cert?
You don't :-)
Win will talk to samba. Samba talks to OpenLDAP over a tls conection.
>From my experience (since -from my pov- it is not clear in the docs),
passdb backend = ldapsam:ldaps://ldap.yourdomain.tld
ldap ssl = off
passdb backend = ldapsam:ldap://ldap.yourdomain.tld
ldap ssl = start tls
BTW, the CN in the certificate must match the ldap uri if smb.conf. In
other words, if your certificate was created using CN=ldap.mydomian,
and you put ldapsam:ldap://localhost in smb.conf, it won't work.
More information about the samba