[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Samba 3.0.1 and OpenLDAP 2.2.4 with TLS
fre, 30.01.2004 kl. 17.26 skrev Martin Ritchie:
> set up OpenLDAP to authenticate our linux users and exim MTAs.
> This all works fine with OpenLDAP only providing a ldaps:/// connection
> on 636.
>
> However I cannot for the life of me get samba to speak tls to it. I've
> seen numerous suggestions of simply putting
>
> ldap ssl = start_tls or
> ldap ssl = on
>
> in the smb.conf file
In addition to what Dieter wrote, LDAP TLS (normally, it can be changed)
runs on port 389. Connecting to it works with another mechanism than
SSL, but the end result is the same.
If you only have LDAP running on port 636, STARTTLS can not work.
If you are worried about slapd allowing non-encrypted connections to
port 389, you can reverse this behavior by putting "security tls=1" in
slapd.conf and restarting slapd.
--Tonni
--
mail: billy - at - billy.demon.nl
http://www.billy.demon.nl