[389-users] StartTLS issue
Maurizio Marini
maumar at cost.it
Sat Mar 6 11:35:58 UTC 2010
Generally I use CentOS and centos-ds to setup a samba-pdc; now i decided to
installa a fresh fedora 12 as pc clients are xp and windows7, so i need a
recent samba ( >= 3.3) to join pc client with windows7.
I use as always this guide:
http://directory.fedoraproject.org/wiki/Howto:Samba
I haven't installed any certs, until now, as it was not necessary in my
previous samba-pdc installations
at the point to get SID, i get startTLS errors:
fedora12 11:56:21 root at fedora-ds: ~ # net getdomainsid
[2010/03/06 11:56:30, 0] lib/smbldap.c:656(smb_ldap_start_tls)
Failed to issue the StartTLS instruction: Protocol error
[2010/03/06 11:56:31, 0] lib/smbldap.c:656(smb_ldap_start_tls)
Failed to issue the StartTLS instruction: Protocol error
[2010/03/06 11:56:32, 0] lib/smbldap.c:656(smb_ldap_start_tls)
Failed to issue the StartTLS instruction: Protocol error
[2010/03/06 11:56:33, 0] lib/smbldap_util.c:310(smbldap_search_domain_info)
smbldap_search_domain_info: Adding domain info for DOMAIN failed with
NT_STATUS_UNSUCCESSFUL
SID for local machine FEDORA-DS is: S-1-5-21-2903629014-3468404519-2055364827
SID for domain DOMAIN is: S-1-5-21-2903629014-3468404519-2055364827
*My question is*:
should i install tls using something like here:
http://wiki.neddix.com/How_to_setup_the_CentOS_Directory_Server_%28389_Directory_Server%29#Create_Certificate_for_secure_ldaps_connections
Where can i get
ds-ssl-setup
suitable for fedora12?
Could ds-ssl-setup solve my issue?
tia
======================================
Samba version is:
fedora12 11:56:33 root at fedora-ds: ~ # rpm -qa | grep samba
samba-doc-3.4.5-55.fc12.i686
samba-swat-3.4.5-55.fc12.i686
samba-3.4.5-55.fc12.i686
samba4-4.0.0-18.1alpha8_git20090916.fc12.i686
samba-common-3.4.5-55.fc12.i686
samba-winbind-devel-3.4.5-55.fc12.i686
samba4-pidl-4.0.0-18.1alpha8_git20090916.fc12.i686
samba-winbind-clients-3.4.5-55.fc12.i686
samba-client-3.4.5-55.fc12.i686
samba-winbind-3.4.5-55.fc12.i686
samba4-devel-4.0.0-18.1alpha8_git20090916.fc12.i686
samba4-libs-4.0.0-18.1alpha8_git20090916.fc12.i686
samba-domainjoin-gui-3.4.5-55.fc12.i686
======================================
389 version is:
fedora12 12:05:34 root at fedora-ds: ~ # rpm -qa | grep 389
389-ds-1.1.3-5.fc12.noarch
389-ds-console-doc-1.2.0-5.fc12.noarch
389-ds-base-1.2.5-1.fc12.i686
389-ds-console-1.2.0-5.fc12.noarch
389-console-1.1.3-5.fc12.noarch
389-admin-console-1.1.4-2.fc12.noarch
389-dsgw-1.1.4-1.fc12.i686
389-admin-console-doc-1.1.4-2.fc12.noarch
389-adminutil-1.1.8-4.fc12.i686
389-admin-1.1.10-1.fc12.i686
--
Maurizio Marini
More information about the 389-users
mailing list