On Mon, Feb 19, 2007 at 07:31:25AM +0100, Mgr. Peter Tuharsky wrote: > Steve Langasek wrote / napĂsal(a): > >On Thu, Feb 15, 2007 at 01:36:51PM +0100, Mgr. Peter Tuharsky wrote: > >>We've had a working Samba/LDAP domain based on Sarge. Now we're trying > >>to move to Etch. We recycled old configs, or modified the new ones to be > >>equal.
> >>Now, when I start Samba, it seems it cannot connect the LDAP server. > >>I've got these errors in log: > >>lib/smbldap.c:smb_ldap_start_tls(612) > >> Failed to issue the StartTLS instruction: Connect error > >>lib/smbldap.c:another_ldap_try(1150) > >> Connection to LDAP server failed for the 1 try! > >>Soon, the smbd exits. > >Could you please post your smb.conf? > Of course. Here You are. Ok, nothing seems out of the ordinary here, that's too bad -- no easy answer here. > passdb backend = ldapsam:"ldap://vedko6.misbb.sk:389"; Are the quotes necessary here? I'm not sure that removing them would make any difference. > # 070215: Povodne bolo: > # ldap ssl = start_tls > # Lenze vraj Samba 3.x nepodporuje LDAP over SSL, iba ldap_start_tls > # takze to vraj ma byt bez podtrhovnika start tls: > # a niektori dokonca uvadzaju ldap ssl = off > ldap ssl = start tls Well, that seems it really ought to be sufficient, yes. How do you have libldap configured to verify the SSL certificates? If you try to connect to the server with ldapsearch, do you get the same error? -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. [EMAIL PROTECTED] http://www.debian.org/
