https://bugzilla.novell.com/show_bug.cgi?id=730046
https://bugzilla.novell.com/show_bug.cgi?id=730046#c13
Ralf Haferkamp
Created an attachment (id=464047) --> (http://bugzilla.novell.com/attachment.cgi?id=464047) [details] ldap search as requested This is missing the debug output I requested. Either you forget to attach the stderr output I request or you did add the "-d -1" command line options to the ldapsearch command. Please attach the complete output. Also paste your TLS_* settings in /etc/openldap/ldap.conf that were in use when running that command.
(In reply to comment #12)
ls -l /etc/openldap/cacerts/ total 8 lrwxrwxrwx 1 root root 10 Nov 24 18:00 513085ff.0 -> cacert.pem lrwxrwxrwx 1 root root 10 Nov 24 18:00 792682eb.0 -> cacert.pem -rw-r--r-- 1 root root 3056 Nov 24 18:00 cacert.pem Hm, this looks good actually.
Please remember that this is about Samba connecting to LDAP, not a user logging in from a linux client. I know. But the error messages you got from Samba seemed to indicate that something is wrong with your general LDAP setup. For Samba it should make no difference whether TLS_CACERTDIR or TLS_CACERT is used, as long as the directory is setup properly.
BTW, you seem to have overlooked one of my question from comment#4:
Nov 10 11:20:16 hh1 smbd[6066]: [2011/11/10 11:20:16.268556, 0] lib/smbldap.c:731(smb_ldap_start_tls) Nov 10 11:20:16 hh1 smbd[6066]: Failed to issue the StartTLS instruction:
When do you get this error message? Always when starting smbd or only when booting? What output does "pdbedit -L" give you? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.