https://bugzilla.novell.com/show_bug.cgi?id=730046
https://bugzilla.novell.com/show_bug.cgi?id=730046#c14
lynn wilson
Nov 10 11:20:16 hh1 smbd[6066]: [2011/11/10 11:20:16.268556, 0] lib/smbldap.c:731(smb_ldap_start_tls) Nov 10 11:20:16 hh1 smbd[6066]: Failed to issue the StartTLS instruction: TLS does not work.
With my workaround: Nov 25 11:09:55 hh1 slapd[2017]: conn=1033 fd=21 ACCEPT from IP=192.168.1.2:55442 (IP=0.0.0. Nov 25 11:09:55 hh1 slapd[2017]: conn=1033 op=0 EXT oid=1.3.6.1.4.1.1466.20037 Nov 25 11:09:55 hh1 slapd[2017]: conn=1033 op=0 STARTTLS Nov 25 11:09:55 hh1 slapd[2017]: conn=1033 op=0 RESULT oid= err=0 text= Nov 25 11:09:55 hh1 slapd[2017]: conn=1033 fd=21 TLS established tls_ssf=256 ssf=256 Nov 25 11:09:55 hh1 slapd[2017]: conn=1033 op=1 BIND dn="cn=admin,dc=site" method=128 Nov 25 11:09:55 hh1 slapd[2017]: conn=1033 op=1 BIND dn="cn=admin,dc=site" mech=SIMPLE ssf=0 Nov 25 11:09:55 hh1 slapd[2017]: conn=1033 op=1 RESULT tag=97 err=0 text= Nov 25 11:09:55 hh1 slapd[2017]: conn=1033 op=2 SRCH base="" scope=0 deref=0 filter="(object Nov 25 11:09:55 hh1 slapd[2017]: conn=1033 op=2 SRCH attr=supportedControl Nov 25 11:09:55 hh1 slapd[2017]: conn=1033 op=2 SEARCH RESULT tag=101 err=0 nentries=1 text= Nov 25 11:09:55 hh1 slapd[2017]: conn=1033 op=3 SRCH base="dc=site" scope=2 deref=0 filter=" Nov 25 11:09:55 hh1 slapd[2017]: conn=1033 op=3 SRCH attr=sambaDomainName sambaNextRid samba Nov 25 11:09:55 hh1 slapd[2017]: conn=1033 op=3 SEARCH RESULT tag=101 err=0 nentries=1 text= Nov 25 11:09:55 hh1 slapd[2017]: conn=1033 op=4 SRCH base="dc=site" scope=2 deref=0 filter=" Nov 25 11:09:55 hh1 slapd[2017]: conn=1033 op=4 SRCH attr=gidNumber sambaSID sambaGroupType TLS works fine - - - grep -v "#" ldap.conf base dc=site bind_policy soft pam_lookup_policy yes pam_password exop nss_initgroups_ignoreusers root,ldap nss_schema rfc2307bis nss_map_attribute uniqueMember member ssl start_tls uri ldap://hh1.site ldap_version 3 pam_filter objectClass=posixAccount tls_cacertfile /etc/openldap/cacert.pem - - - pdbedit -L root:0:root <snip> COMPUTER_1$:10001:COMPUTER_1$ STEVE-PC$:10002:STEVE-PC$ <snip> lynn2:1001:l steve2:1003:s It doesn't really matter. _I_ know how to fix it. But that's selfish. The point is, I'd like to help others to use Yast too. Please let me know if we're getting anywhere. Is it a big problem to be able to apply the workaround to Yast? It's only one or two lines in /etc/openldap/ldap.conf. Thanks L x -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.