It is my understanding that a secure LDAP connection should only send encrypted data, yet my configuration is sending plaintext.
The following strace output from a smbpasswd results in the following:
connect(4, {sin_family=AF_INET, sin_port=htons(636), sin_addr=inet_addr("<ldap server>")}}, 16) = -1 EINPROGRESS (Operation now in progress)
...snip...
write(4, "07\2\1\1`2\2\1\3\4$cn=Manager,dc=kelvin"..., 57) = 57
write(1, "failed to bind to server with dn"..., 104failed to bind to server with dn= cn=Manager,dc=kelvininstitute,dc=com Error: Can't contact LDAP server
) = 104
..snip...
write(4, "0\5\2\1\2B\0", 7) = -1 EPIPE (Broken pipe)
--- SIGPIPE (Broken pipe) ---
+++ killed by SIGPIPE +++
A connection to the server is started on the correct port, but then the dn is sent in the clear and the server kills the connection.
The ldap section from testparm -v yields:
ldap server = <ldap server>
ldap port = 636
ldap suffix = dc=kelvininstitute,dc=com
ldap machine suffix = ou = Computers
ldap user suffix = ou = People
ldap group suffix = ou = Group
ldap idmap suffix =
ldap filter = (&(uid=%u)(objectclass=sambaSamAccount))
ldap admin dn = "cn=Manager,dc=kelvininstitute,dc=com"
ldap ssl = Yes
ldap passwd sync = Yes
ldap delete dn = No
Any thoughts?
Cheers
-- Martin Ritchie
the Kelvin Institute 50, George Street Glasgow Scotland, UK G1 1QE
www.kelvininstitute.com +44 (0) 141 548 5719
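An added example, not part of the original post: a small Python decoder for the write() buffers in the strace output above, which tells a TLS record apart from a plaintext LDAP message and reports the operation and bind DN. The TLS sample buffer is constructed for comparison, and the function names are illustrative.

```python
import re
# Buffers copied from the strace output in the post (strace cuts strings at 32 bytes).
BIND_WRITE = r'07\2\1\1`2\2\1\3\4$cn=Manager,dc=kelvin'
UNBIND_WRITE = r'0\5\2\1\2B\0'
# Constructed for comparison: the first bytes of a TLS handshake record.
TLS_WRITE = r'\26\3\1\0\305\1\0\0\301\3\3'
LDAP_OPS = {0x60: "BindRequest", 0x42: "UnbindRequest", 0x63: "SearchRequest"}
SIMPLE_ESCAPES = {"n": 10, "t": 9, "r": 13, "\\": 92, '"': 34}

def unescape(text):
    # Convert strace's C-style escapes (octal, hex, \n, \t, ...) to raw bytes.
    def sub(m):
        e = m.group(1)
        if e[0] == "x":
            return chr(int(e[1:], 16))
        if e[0] in "01234567":
            return chr(int(e, 8))
        return chr(SIMPLE_ESCAPES[e])
    return re.sub(r'\\(x[0-9a-fA-F]{2}|[0-7]{1,3}|[ntr\\"])', sub, text).encode("latin-1")

def read_tlv(buf, pos):
    # Read one BER tag and length; return (tag, length, offset of the value).
    tag, first = buf[pos], buf[pos + 1]
    if first < 0x80:
        return tag, first, pos + 2
    n = first & 0x7F
    return tag, int.from_bytes(buf[pos + 2:pos + 2 + n], "big"), pos + 2 + n

def classify(escaped):
    buf = unescape(escaped)
    # TLS record header: content type 20-23, then protocol major version 3.
    if len(buf) >= 3 and 0x14 <= buf[0] <= 0x17 and buf[1] == 3:
        return {"kind": "tls-record"}
    out = {"kind": "unknown"}
    try:
        tag, _, pos = read_tlv(buf, 0)            # LDAPMessage SEQUENCE
        id_tag, id_len, pos = read_tlv(buf, pos)  # messageID INTEGER
        if tag != 0x30 or id_tag != 0x02:
            return out
        out = {"kind": "plaintext-ldap", "message_id": int.from_bytes(buf[pos:pos + id_len], "big")}
        op, _, pos = read_tlv(buf, pos + id_len)  # protocolOp
        out["op"] = LDAP_OPS.get(op, hex(op))
        if op == 0x60:
            _, ver_len, pos = read_tlv(buf, pos)              # version INTEGER
            _, dn_len, dn_pos = read_tlv(buf, pos + ver_len)  # name (bind DN)
            out["dn_length"] = dn_len  # declared length; captured text may be shorter
            out["dn_seen"] = buf[dn_pos:dn_pos + dn_len].decode("utf-8", "replace")
    except IndexError:
        pass  # buffer truncated by strace before the field was complete
    return out
```

On the post's first buffer this reports a BindRequest with message ID 1 and a declared DN length of 36, which matches the length of the configured admin dn; the last buffer decodes as an UnbindRequest with message ID 2.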
