[Samba] LDAPS is not working

basti.mueller31 at web.de
Wed Aug 8 08:31:50 UTC 2018


Hi,

After successfully migrating my NT4 with OpenLDAP to a Samba4 AD... I got a problem.

Like in the sambawiki tutorial (https://wiki.samba.org/index.php/Configuring_LDAP_over_SSL_(LDAPS)_on_a_Samba_AD_DC) I tried to configure LDAPS. I used the auto-configured certs. They are located in "/var/lib/samba/private/tls".

My smb.conf:
# Global parameters
[global]
        netbios name = PDC
        realm = COMPANY.COM
        workgroup = COMPANY
        server role = active directory domain controller
        idmap_ldb:use rfc2307 = yes
        template shell = /bin/bash
        template homedir= /home/%U
        dns forwarder = 8.8.8.8
        min protocol = SMB2
        tls enabled  = yes
        tls keyfile  = /var/lib/samba/private/tls/key.pem
        tls certfile = /var/lib/samba/private/tls/cert.pem
        tls cafile   = /var/lib/samba/private/tls/ca.pem
        winbind enum users = yes
        winbind enum groups = yes
        winbind cache time = 10
        winbind use default domain = yes
        logging = syslog at 1 /var/log/samba/log.%m

I've tested it with the following command and got the following error...

root at server:/var/lib/samba/private/tls# ldbsearch -H ldaps://127.0.0.1 '(cn=admin)' objectClass -Uadmin
TLS failed to missing crlfile  - with 'tls verify peer = as_strict_as_possible'
Failed to connect to ldap URL 'ldaps://127.0.0.1' - LDAP client internal error: NT_STATUS_INVALID_PARAMETER_MIX
Failed to connect to 'ldaps://127.0.0.1' with backend 'ldaps': LDAP client internal error: NT_STATUS_INVALID_PARAMETER_MIX
Failed to connect to ldaps://127.0.0.1 - LDAP client internal error: NT_STATUS_INVALID_PARAMETER_MIX

How can I solve this error?
Thanks!
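The ldbsearch error above comes from the client side: with no explicit `tls verify peer` in smb.conf, Samba falls back to its default `as_strict_as_possible`, and that level refuses to run without a `tls crlfile`. The following checker is an added example, not code from the Samba project or from the poster: it parses the `[global]` TLS keys of an smb.conf, works out which verification level applies, and reports which required files are unset or absent, so an admin can see the gap before deciding between supplying a CRL and lowering the level. The list of accepted `tls verify peer` values is taken from smb.conf(5); the per-level file requirements are this example's own assumption, consistent with the error message in the post, and the sample config is constructed here with the poster's paths rather than read from a real system.

```python
import os
import re

# Verification levels smb.conf(5) accepts for "tls verify peer", weakest first.
# Samba's default is as_strict_as_possible, the level named in the error.
VERIFY_LEVELS = ("no_check", "ca_only", "ca_and_name_if_available",
                 "ca_and_name", "as_strict_as_possible")
DEFAULT_LEVEL = "as_strict_as_possible"

# smb.conf keys each level needs before a connection can be verified.
# Assumption of this example, matching the error message: the strictest
# level additionally needs "tls crlfile".
LEVEL_REQUIREMENTS = {
    "no_check": (),
    "ca_only": ("tls cafile",),
    "ca_and_name_if_available": ("tls cafile",),
    "ca_and_name": ("tls cafile",),
    "as_strict_as_possible": ("tls cafile", "tls crlfile"),
}

# Constructed sample mirroring the TLS lines from the post; "tls verify peer"
# is deliberately absent so the default level applies.
SAMPLE_SMB_CONF = """\
# Global parameters
[global]
        realm = COMPANY.COM
        server role = active directory domain controller
        template homedir= /home/%U
        tls enabled  = yes
        tls keyfile  = /var/lib/samba/private/tls/key.pem
        tls certfile = /var/lib/samba/private/tls/cert.pem
        tls cafile   = /var/lib/samba/private/tls/ca.pem
"""


def parse_smb_conf(text):
    """Minimal smb.conf reader returning {section: {key: value}}.

    Keys are lower-cased with whitespace runs collapsed, so both
    'tls keyfile  = ...' and 'template homedir= ...' parse cleanly."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":          # blank or comment line
            continue
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1].strip().lower()
            sections.setdefault(current, {})
            continue
        if current is None or "=" not in line:  # stray line outside a section
            continue
        key, _, value = line.partition("=")
        key = re.sub(r"\s+", " ", key.strip().lower())
        sections[current][key] = value.strip()
    return sections


def check_tls(text, exists=os.path.isfile):
    """Evaluate the [global] TLS settings of an smb.conf.

    `exists` is injectable so the check can run against a constructed
    config without touching the filesystem."""
    g = parse_smb_conf(text).get("global", {})
    report = {
        "enabled": g.get("tls enabled", "yes").lower() in ("yes", "true", "1"),
        "level": g.get("tls verify peer", DEFAULT_LEVEL).lower(),
        "missing": [],
        "warnings": [],
    }
    if report["level"] not in VERIFY_LEVELS:
        report["warnings"].append("unknown tls verify peer value: " + report["level"])
        report["level"] = DEFAULT_LEVEL
    if report["level"] == "no_check":
        report["warnings"].append("no_check disables server certificate verification")
    for key in LEVEL_REQUIREMENTS[report["level"]]:
        path = g.get(key)
        if not path:
            report["missing"].append(f"{key} (not set)")
        elif not exists(path):
            report["missing"].append(f"{key} ({path} not found)")
    report["ok"] = not report["missing"]
    return report


if __name__ == "__main__":
    # Pretend only the three auto-generated files from the post exist.
    present = {"/var/lib/samba/private/tls/key.pem",
               "/var/lib/samba/private/tls/cert.pem",
               "/var/lib/samba/private/tls/ca.pem"}
    result = check_tls(SAMPLE_SMB_CONF, exists=lambda p: p in present)
    print(result)   # level as_strict_as_possible, missing: tls crlfile (not set)
```

Run against the constructed config it reports the same gap the post hits: the default level needs a CRL file that was never configured. Adding a `tls crlfile` line that points at an existing file makes the check pass while keeping the strict level; setting `tls verify peer = ca_and_name` also passes but drops revocation checking, and `no_check` is flagged because it turns certificate verification off entirely.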
