samba ldap configs

Jorge Armando Medina jmedina at e-compugraf.com
Thu Oct 29 16:15:02 UTC 2009 

Kaushal Shriyan wrote:
> Hi,
>
> Below are my configs.
>
> http://pastebin.com/dcb24c87 ---> ldap.conf
>   
It expired on pastebin :(
> http://pastebin.com/d721f0d4d ---> slapd.conf
>   
expired
> http://pastebin.com/d102cbfc5 --->samba.conf
>   
expired
> http://pastebin.com/d1397587d --> smbldap.conf
>   
First error

   1.
      ldapTLS="0"
   2.
      ldapSSL="1"

There is not such ldapSSL option, there are diffferences from TLS and
SSL, ldaps uses port 636 and is pure encrypted connection, TLS uses
startTLS command, it initiates a secure channel over a plain connection
using default ldap port 386.

TLS is the prefered and recomended way to secure ldap connections for
the OpenLDAP Project.

So use ldapTLS="1" if you want secure connections

Second (probably error)

smbldap.conf:

suffix="cn=admin,dc=example,dc=com"

I'm not sure if this is wrong I couldn see your slapd.conf or smb.conf,
but most of times the suffix si something like: "dc=example,dc=com", the
cn=admin is the ldap admin user not a container...

The official smbldap-tools howto:

http://www.iallanis.info/smbldap-tools/docs/samba-ldap-howto/

For simple debugging I'll go for a basic plain ldap config, and then
migrate to SSL/TLS, my setup:

http://tuxjm.net/docs/Configurar_Servidor_Controlador_de_Dominio_con_Samba_y_OpenLDAP/Ubuntu/

> http://pastebin.com/d63dbbaf6 ---> smbldap_bind.conf
>
> I am running both ldap and samba server on the same host running on
> ubuntu 8.04 Hardy server.
>
> ldapsearch -x -H ldaps://localhost -D cn=admin,dc=example,dc=com -w
> xxxxxx works perfectly fine
>
> I am following
> https://help.ubuntu.com/8.10/serverguide/C/samba-ldap.html. I get the
> below issue when i run smbldap-populate I get
> http://pastebin.com/d2a098ec4.
>
> Please let me know if anyone needs more information.
>
> Thanks,
>
> Kaushal
>
>   


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 260 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-server/attachments/20091029/42a57b0b/attachment.pgp>

More information about the ubuntu-server mailing list