On Tue, 20 Jun 2017 08:10:02 -0600 Andrew Niemantsverdriet <[email protected]> wrote:
> Hi Rowland, > > I am running Samba version 4.2.14-Debian > Okay, first thing, how do you feel about running a version that hasn't been declared EOL by Samba ? It is fairly easy, just go and have a read here: http://apt.van-belle.nl/ Can you connect to your Samba AD DC with ldapsearch using ldaps ? I will give you a hint here, you never specify the port. You need something like this in /etc/openldap/ldap.conf HOST dc1.samdom.example.com TLS_CACERT /usr/local/samba/private/tls/cert.pem TLS_REQCERT demand NOTE: the above path to the cert is on a machine with a self-compiled Samba, your path will probably be different. You will also require this in smb.conf on the DC ldap server require strong auth = allow_sasl_over_tls Now run this command on the DC: ldapsearch -D "[email protected]" -b "cn=Users,dc=samdom,dc=example,dc=com" -H ldaps://dc1.samdom.example.com -W sAMAccountName=Administrator NOTE, should be all on one line and replace dns domains etc with your data. Rowland ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Lam-public mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/lam-public
