[Samba] Second DC won't start LDAP daemon

Andrew Bartlett abartlet at samba.org
Wed May 17 19:14:23 UTC 2017


On Mon, 2017-05-15 at 18:58 +0200, Andrea Venturoli via samba wrote:
> On 05/08/17 11:17, Andrea Venturoli wrote:
> > Hello.
> > 
> > I've got a network of FreeBSD servers which traditionally hosted a 
> > classic domain.
> > I upgraded some months ago, removing the old PDC and BDC and migrating 
> > to an AD DC controller in a jail.
> > This is working fine with Samba 4.4.13.
> > 
> > Now I'm trying to add a second DC, so I created a new jail on another 
> > physical server and went on with the setup, following:
> > > https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_Existing_Active_Directory 
> 
> After spending several hours trying to sort this out, I found that the 
> ldap task will work (and bind to port 389) if I put "tls enabled=no" in 
> the config file.
> 
> With "tls enabled=yes" (or nothing, since it's the default) I get:
> "Child 24011 (ldap) terminated with signal 4"
> 
> I tried generating a self-signed certificate as per:
> > https://wiki.samba.org/index.php/Configuring_LDAP_over_SSL_(LDAPS)_on_a_Samba_AD_DC
> 
> Unfortunately, the only effect is that "Attempting to autogenerate TLS 
> self-signed keys for https for hostname 'XXX.xxxxx.xxxxxxxx.xx'" changes 
> to "TLS autogeneration skipped - some TLS files already exist".
> Then I get the same error as above.
> 
> 
> Any suggestion?
> TIA.

What is your platform, and what is signal 4 on your platform?  It is
SIGILL on x86_64 Linux.

Thanks,

Andrew Bartlett

-- 
Andrew Bartlett                       http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba



