[Samba] Samba4-ad-dc

Alex Crow acrow at integrafin.co.uk
Mon Jan 23 19:33:53 UTC 2017

If you want to use LDAP over TLS, in (at least on Centos/RHEL)
/etc/openldap/ldap.conf, add a line:


Then your Squid server should not try to verify your samba's cert
against a CA.

Alternatively, get the CA cert from the samba server and add it to the
trusted CA's on the squid box.



On 23/01/17 03:58, Epsilon Minus via samba wrote:
> Hello.
> First, sorry for my English, I try to write correctly.
> I have a problem with the samba-dc-ac daemon.
> I am trying to connect a squid server with authentication against the
> samba-dc-ac database.
> With encryption I can not connect to the squid server I have no option
> to accept any certificate.
> It is a self-signed certificate. I suspect that the problem is here.
> I can not connect to port 389 without encryption. Is this possible?
> As I have the server secure I do not worry that that password travel
> without encryption. But I can not find the way to enable traffic
> without encryption.
> From already thank you very much.
> Epsilon.

This message is intended only for the addressee and may contain
confidential information. Unless you are that person, you may not
disclose its contents or use it in any way and are requested to delete
the message along with any attachments and notify us immediately.
This email is not intended to, nor should it be taken to, constitute advice.
The information provided is correct to our knowledge & belief and must not
be used as a substitute for obtaining tax, regulatory, investment, legal or
any other appropriate advice.

"Transact" is operated by Integrated Financial Arrangements Ltd.
29 Clement's Lane, London EC4N 7AE. Tel: (020) 7608 4900 Fax: (020) 7608 5300.
(Registered office: as above; Registered in England and Wales under
number: 3727592). Authorised and regulated by the Financial Conduct
Authority (entered on the Financial Services Register; no. 190856).

More information about the samba mailing list