> Date: Wed, 29 Jan 2003 15:36:57 -0600 (CST) > From: "Gerald (Jerry) Carter" <[EMAIL PROTECTED]> > To: Jim Wharton <[EMAIL PROTECTED]> > Cc: [EMAIL PROTECTED] > Subject: Re: [Samba] Samba LDAP user adding > Message-ID: <[EMAIL PROTECTED]> > In-Reply-To: <[EMAIL PROTECTED]> > Content-Type: TEXT/PLAIN; charset=US-ASCII > MIME-Version: 1.0 > Precedence: list > Message: 14
>>> I just installed samba 2.2.7 on Mandrake 9 with OpenLDAP support. I have set >>> up OpenLDAP and everything is cool. When I try to add a user I get: If you are using RPMs (such as from http://ranger.dnsalias.com/mandrake/samba) Note that there is a path setting in the default /etc/samba/smbldap_conf.pm that is incorrect, mkntpwd is in /usr/sbin and not /usr/local/sbin >>> >>> [root@luna openldap]# smbpasswd -a jim >>> New SMB password: >>> Retype new SMB password: >>> Failed to issue the StartTLS instruction: Connect error >>> Failed to issue the StartTLS instruction: Connect error >>> Failed to add entry for user jim. >>> Failed to modify password entry for user jim >>> >>> so I jumped in to smb.conf and disabled ldap ssl = start tls. Then I got: > > > ldap ssl default to "on" which implies LDAPS. if you want clear text > communication, you need to set "ldap ssl = off" Preferred option would be to fix ssl or tls, which requires that you generate an ssl cert with the hostname on it that matches the hostname set in smb.conf (and /etc/ldap.conf if you want to tls/ssl for pam_ldap/nss_ldap). Jerry, you are aware that samba defaults to using port 636 for tls when (AFIAK) it should be using port 389? (hint if you want to use tls, you need to set: ldap ssl = start_tls ldap port = 389 ) -- |--------------Another happy Mandrake Club member--------------| Buchan Milne Mechanical Engineer, Network Manager Cellphone * Work +27 82 472 2231 * +27 21 8828820x121 Stellenbosch Automotive Engineering http://www.cae.co.za GPG Key http://ranger.dnsalias.com/bgmilne.asc 1024D/60D204A7 2919 E232 5610 A038 87B1 72D6 AC92 BA50 60D2 04A7 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
