this works. I'm also able to telnet with tcp 636 (ldaps). I'm just searching for a solution to kerberise squid without the need of winbind/smb.
2010/6/28 Nick Cairncross <[email protected]>: > They seem ok. > > Telnet to your dc on 389? > > > On 28/06/2010 14:40, "Tom Tux" <[email protected]> wrote: > > which ldap-libraries should be installed? > The following devel-packages are installed (SLES11-System): > - openldap2-devel > - cyrus-sasl-devel > > > > 2010/6/28 Nick Cairncross <[email protected]>: >> Missing ldap libraries maybe? >> >> >> On 28/06/2010 12:32, "Tom Tux" <[email protected]> wrote: >> >> Hi >> >> I'm trying to generate a computer-account with msktutil: >> >> I got the following error: >> ... >> ... >> - ldap_connect: Connecting to LDAP server: dc1.domain.com try_tls=YES >> SASL/GSSAPI authentication started >> SASL username: [email protected] >> SASL SSF: 0 >> Error: ldap_set_option (option=) failed (Can't contact LDAP server) >> -- ~KRB5Context: Destroying Kerberos Context >> >> >> >> I have a valid ticket (klist), initiated with [email protected]. >> Have someone any hints? I see, that the msktutil tries with tls >> (encrypted) on port 389 (ldap) on the domain-controller. Can I use >> native (unencrypted) ldap? >> >> Thanks a lot. >> Tom >> >> >> ** Please consider the environment before printing this e-mail ** >> >> The information contained in this e-mail is of a confidential nature and is >> intended only for the addressee. If you are not the intended addressee, any >> disclosure, copying or distribution by you is prohibited and may be >> unlawful. Disclosure to any party other than the addressee, whether >> inadvertent or otherwise, is not intended to waive privilege or >> confidentiality. Internet communications are not secure and therefore Conde >> Nast does not accept legal responsibility for the contents of this message. >> Any views or opinions expressed are those of the author. >> >> Company Registration details: >> The Conde Nast Publications Ltd >> Vogue House >> Hanover Square >> London W1S 1JU >> >> Registered in London No. 226900 >> > > > The information contained in this e-mail is of a confidential nature and is > intended only for the addressee. If you are not the intended addressee, any > disclosure, copying or distribution by you is prohibited and may be unlawful. > Disclosure to any party other than the addressee, whether inadvertent or > otherwise, is not intended to waive privilege or confidentiality. Internet > communications are not secure and therefore Conde Nast does not accept legal > responsibility for the contents of this message. Any views or opinions > expressed are those of the author. > > The Conde Nast Publications Ltd (No. 226900), Vogue House, Hanover Square, > London W1S 1JU >
