I have updated /etc/ldap/ldap.conf: to TLS_REQCERT hard and run ldapsearch as below.
ldapsearch -x -ZZ -h hostname -p 389 -D cn=administrator,cn=users,dc=techmint,dc=lan -w XXXXXXXX -b 'dc=techmint,dc=lan' I got output as expected. then i run net ads join -U Administrator%XXXXXXXX -d 12 I got same issue. TLS: hostname (IP) does not match common name in certificate (hostname). After changing /etc/ldap/ldap.conf: to TLS_REQCERT Allow i am getting other issue which i have mentioned earlier. Sign or Seal are required.>, res_matched: <> kinit succeeded but ads_sasl_spnego_gensec_bind(KRB5) failed: Strong(er) authentication required i have doubts/queries please clarify. 1. If above ldapsearch is returning results. then can i assume the certificate is fine? 2. Are these issues reproducible at your end ? 3. Should i provide any further log details ? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1576799 Title: Regression: 2:4.3.8+dfsg-0ubuntu0.14.04.2 Failed to Issue the StartTLS instruction To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1576799/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
