On Mon, Feb 19, 2007 at 02:58:17PM +0100, Mgr. Peter Tuharsky wrote:
> The odd thing ("no easy answers TM") is, that despite of the errors in
> log, the Samba domain WORKS for a little while. Machines and users log
> on, as if nothing happened. Users get authenticated, network shares are
> connected. After several tens of seconds (minute or so) smbd dies and
> domain dies with it.
Are there any log messages when the smbd dies?
> The second odd thing is, that the very LDAP works well too. We can
> authenticate against LDAP server from SMTP, IMAP and eGroupWare, and
> local machine user's logon using PAM-LDAP. Just when we run Samba on the
> server to allow Windows domain logons, the Samba acts as described above..
And all of these other clients are configured to use starttls?
> >How do you have libldap configured to verify the SSL certificates? If you
> >try to connect to the server with ldapsearch, do you get the same error?
>
> Please, specify, what kind of info do You need here. I don't understand
> that.
E.g., an /etc/ldap/ldap.conf on another system I know uses starttls has this
line:
TLS_CACERT /etc/ldap/cacert.pem
Do you have a similar configuration ensuring the integrity of the SSL
connection? (It sounds like you must, if other clients connect
successfully, but I just want to be sure.)
And if you connect to the LDAP server using ldapsearch -ZZ -h vedko6.misbb.sk,
does it connect successfully?
Cheers,
--
Steve Langasek Give me a lever long enough and a Free OS
Debian Developer to set it on, and I can move the world.
[EMAIL PROTECTED] http://www.debian.org/
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
