Mailinglist Archive: opensuse (1786 mails)

< Previous Next >
Re: [opensuse] samba and StartTLS [SOLVED]
On Sun, Nov 13, 2011 at 07:09:07AM +0100, lynn wrote:
[ 8< ]
It took some heated discussion over on the samba list and I think it must be
a
bug in Yast ldap server and samba when 'use tls' is checked in the ldap
server
dialogue. Following the yast setup does not work. You have to add:

TLS_REQCERT hard
TLS_CACERT /etc/openldap/cacerts/YaST-CA.pem

to the file

/etc/openldap/ldap.conf

Restart ldap and samba in that order and samba talks to ldap over TLS.

Do you think that I should register as a bug in Yast? If so, do Yast bugs
live
at novell bugzilla?

Please do and also add a pointer to the archived thread at
https://lists.samba.org/ and to this thread archived at
http://lists.opensuse.org/opensuse/2011-11/msg00363.html As you started
several threads around this topic please also consider to add pointers
to the others too. Then it's much easier for the YaST developers to
follow and to address the issue.

And yes, the bug tracker for YaST and all openSUSE and SUSE Linux
Enterprise issues still is at bugzilla.novell.com Unfortunately nobody
spoke up to maintain a separate bugzilla instance for openSUSE. And I
must warn you this is a lot of work. Björn and I did this for the Samba
bugzilla and even if we had lot of fun and coffee at the SerNet office
it nevertheless was somehow painful.

Lars
--
Lars Müller [ˈlaː(r)z ˈmʏlɐ]
Samba Team
SUSE Linux, Maxfeldstraße 5, 90409 Nürnberg, Germany
< Previous Next >
Follow Ups