[Samba] LDAPS on DC

Fred Smith fs582087 at gmail.com
Mon Apr 20 00:21:16 MDT 2015


> Check the ldap configuration file on the client (in mageia is
> /etc/openldap/ldap.conf, in ubuntu /etc/ldap/ldap.conf).
> Try to set "TLS_REQCERT allow" and comment out everything else.

Thanks, this seemed to do the trick on the Linux host I was running
ldapsearch on to perform the test connections to my Samba 4 DC. I'm
using Ubuntu and my working ldap.conf is below as you suggested.

From file /etc/ldap/ldap.conf:

#
# LDAP Defaults
#

# See ldap.conf(5) for details
# This file should be world readable but not world writable.

#BASE   dc=example,dc=com
#URI    ldap://ldap.example.com ldap://ldap-master.example.com:666

#SIZELIMIT      12
#TIMELIMIT      15
#DEREF          never

# TLS certificates (needed for GnuTLS)
#TLS_CACERT     /etc/ssl/certs/ca-certificates.crt

TLS_REQCERT allow

I wonder if it's possible to get the Windows program ldp working in
the same way? It might be too old.
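
An added example, not part of the original post: a small Python check that reads an ldap.conf and reports whether the client would still proceed when the server presents a bad certificate, which is what `TLS_REQCERT allow` permits according to ldap.conf(5). The two sample files and the CA path are constructed, and a repeated option is assumed to resolve to its last line.

```python
# Added example: audit one OpenLDAP client ldap.conf for certificate checking.
# TLS_REQCERT level meanings follow ldap.conf(5). Only the given text is
# inspected; a per-user ldaprc or LDAPTLS_* environment variables are not.

# Does a bad server certificate terminate the session at this level?
REJECTS_BAD_CERT = {
    "never": False,  # certificate is not requested or checked
    "allow": False,  # bad certificate is ignored, session proceeds
    "try": True,     # bad certificate terminates; a missing one is tolerated
    "demand": True,  # certificate required and must be valid (the default)
    "hard": True,    # synonym for demand
}

def parse_ldap_conf(text):
    """Map upper-cased option name to value, skipping comments and blanks."""
    opts = {}
    for raw in text.splitlines():
        parts = raw.strip().split(None, 1)
        if not parts or parts[0].startswith("#"):
            continue
        # Assumption: when an option is repeated, the last line wins.
        opts[parts[0].upper()] = parts[1].strip() if len(parts) > 1 else ""
    return opts

def audit(text):
    """Return findings for settings that leave the server certificate unchecked."""
    opts = parse_ldap_conf(text)
    level = opts.get("TLS_REQCERT", "demand").lower()
    findings = []
    if level not in REJECTS_BAD_CERT:
        findings.append(f"TLS_REQCERT {level}: unknown level")
    elif not REJECTS_BAD_CERT[level]:
        findings.append(f"TLS_REQCERT {level}: a bad server certificate is accepted")
    if "TLS_CACERT" not in opts and "TLS_CACERTDIR" not in opts:
        findings.append("no TLS_CACERT or TLS_CACERTDIR: no CA named to verify against")
    return findings

# Constructed sample: the effective lines of the file in the post.
POSTED = "#TLS_CACERT     /etc/ssl/certs/ca-certificates.crt\nTLS_REQCERT allow\n"
# Constructed sample: hypothetical path to the CA that signed the DC's certificate.
VERIFIED = "TLS_CACERT /etc/ssl/certs/samba-dc-ca.pem\nTLS_REQCERT demand\n"

if __name__ == "__main__":
    for name, conf in (("posted", POSTED), ("verified", VERIFIED)):
        print(name, audit(conf) or "ok")
```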

