Re: ldap, samba and s

[Bill Dossett <bd@emtex.com>]

ok... now I feel stupid I think... 2.0x ldap
doesn't support starttls?  I think...  I can
read... some.

not sure why ldapsearch -ZZ  with

ssl starttls in the conf works then though?

Anyway, starting with URLS ldaps:/// and
samba authentication works ok now.  Guess
there were just a few too many version numbers
as the SSL V3 also kept me thinking I was
working with ldap V3 or something like that.

Anyway, celebrations are back on for this
weekend,  :-) have a good one.

Bill



Bill Dossett wrote:
> Hi,
>
> I've asked on the samba lists and have no replies
> yet and this is the only other place I know to ask.
>
> I am using RedHat 8.0.
>
> I have built openldap from the SRPMS, all components
> and made sure that TLS is enabled.  It is version 2.0.25
>
> I have samba 2.2.5 and I have built the SRPMS and
> made sure that ssl, and all related ldap settings
> are configured.
>
> I have populated the openldap database using sambaldap
> tools.
>
> With smbl.conf: ssl off , smbd authenticates users against
> slapd without problems.
>
> With ldap.conf: ssl starttls, ldapsearch -ZZ  works fine
> and with the server and client in debug mode I see the
> TLS conversation and they are happy in their work.
>
> Looking at my samba logs, it is saying:
>
> ldap_open_connection: StartTLS not supported by LDAP client libraries!
>
> which doesn't make any sense to me....  has anyone else seen this?
>
> I have just double checked the configure script and --with-tls is
> there.  I built all components of openldap including clients and
> installed them....  I'm not sure what to try next... any words
> of wisdom would be hugely appreciated, I was hoping to celebrate
> this weekend :-)
>
> It certainly seems as though this is a samba problem, but I can't
> seem to find any info about this on the samba lists and no one
> has commented on it yet anyway.
>
> Thanks
>
> Bill