Buchan Milne wrote: > > Ignacio Coupeau wrote: > >>Buchan Milne wrote: >>
>>>Hi, I was following some of the howto at >>>http://www.unav.es/cti/ldap-smb/ldap-smb-2_2-howto.html#patches to >>>include the ldap referral patches in the samba packages for Mandrake, >>>but it seems that samba does not compile with the patch (I can give you >>>the error later, but AFAICR it was incompatible 2nd argument passed to >>>function on line 289 of pdb_ldap.c (I think where ldap_connect_system >>>calls auth_rebind_proc). >>> >> >>The tls stuff in the lib/include are a bit special... I going to apply >>the patch to the latest samba-2.2.7a. >> >>If you plan is use starttls the standard openldap libraries (at least in >>RedHat) should be replaced by ones with start_tls support. >> >>Try a search with: ldapsearch -ZZ -H "ldap://<your_FQDN_ldap_server/" >><filter> <attr list> -d 256 > > [bgmilne@bgmilne bgmilne]$ ldapsearch -x -ZZ -H "ldap://ldap.cae.co.za" > "(uid=bgmilne)" dn -LLL > dn: uid=bgmilne,ou=People,dc=cae,dc=co,dc=za > > (This is on cooker, but TLS works fine on Mandrake 8.0 through 9.0. > >>also perform a search in the /usr/include: >> >>[root@bilbo htdocs]# egrep >>"LDAP_API_FEATURE_X_OPENLDAP|LDAP_API_VERSION|REFERRAL|TLS" /usr/include/* >> >>you should obtain some like: > > This box runs Mandrake cooker, original problem was on my home machine > running 9.0, but 9.0 ships with 2.0.25-7mdk, and my cooker box currently > has 2.0.27-1mdk. > >>look for: >>#define LDAP_API_VERSION 2004 >>#define LDAP_REFERRAL 0x0a /* LDAPv3 */ >>#define LDAP_CHASE_SUBORDINATE_REFERRALS 0x0020U >>#define LDAP_CHASE_EXTERNAL_REFERRALS 0x0040U >>#define LDAP_EXOP_START_TLS "1.3.6.1.4.1.1466.20037" > > On cooker (don't currently have a 9.0 build devel box available, will > check at home on 9.0) I get: > > /usr/include/ldap.h:#define LDAP_API_VERSION 2004 > /usr/include/ldap.h:#define LDAP_REFERRAL > 0x0a /* LDAPv3 */ > /usr/include/ldap.h:#define LDAP_CHASE_SUBORDINATE_REFERRALS 0x0020U > /usr/include/ldap.h:#define LDAP_CHASE_EXTERNAL_REFERRALS 0x0040U > /usr/include/ldap.h:#define LDAP_EXOP_START_TLS "1.3.6.1.4.1.1466.20037" > > But, on cooker it seems to compile fine ... so I guess I should upgrade > to 2.0.27 on my 9.0 boxen that need referrals. Seems I was wrong (left out ldap switch ...), it doesn't compile on cooker, here is the error: Compiling passdb/pdb_ldap.c passdb/pdb_ldap.c: In function `ldap_connect_system': passdb/pdb_ldap.c:289: warning: passing arg 2 of `ldap_set_rebind_proc' from incompatible pointer type passdb/pdb_ldap.c:289: too many arguments to function `ldap_set_rebind_proc' make: *** [passdb/pdb_ldap.o] Error 1 > > And make the patch conditional so we don't try and apply it on 8.0 > through 9.0 (for which we still build updated samba RPMS for each release). > > Or would it be possible to have referrals work with older openldap > versions? I see a comment about a ./configure test .... > Anyone else have the referral patch working on 2.2.7a against openldap-2.0.x ? Regards, Buchan -- |--------------Another happy Mandrake Club member--------------| Buchan Milne Mechanical Engineer, Network Manager Cellphone * Work +27 82 472 2231 * +27 21 8828820x121 Stellenbosch Automotive Engineering http://www.cae.co.za GPG Key http://ranger.dnsalias.com/bgmilne.asc 1024D/60D204A7 2919 E232 5610 A038 87B1 72D6 AC92 BA50 60D2 04A7 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba