<html><head><style type='text/css'>p { margin: 0; }</style></head><body><div style='font-family: Times New Roman; font-size: 12pt; color: #000000'>you have to use FQDN when connecting securely. and you have to use the exact name used in the certificate.<br><br><hr><blockquote style="border-left:2px solid rgb(16, 16, 255);margin-left:5px;padding-left:5px;"><style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:"Calibri","sans-serif";
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]--><div class="WordSection1"><p class="MsoNormal">I am getting the following message in the /var/log/samba/smbd.log file when I start up samba and try to connect as a user.</p><p class="MsoNormal"> </p><p class="MsoNormal">[2011/09/27 14:23:33, 1] lib/smbldap.c:another_ldap_try(1153)</p><p class="MsoNormal"> Connection to LDAP server failed for the 15 try!</p><p class="MsoNormal">[2011/09/27 14:23:34, 10] lib/smbldap.c:smb_ldap_setup_conn(630)</p><p class="MsoNormal"> smb_ldap_setup_connection: ldaps://192.168.3.79</p><p class="MsoNormal">[2011/09/27 14:23:34, 2] lib/smbldap.c:smbldap_open_connection(786)</p><p class="MsoNormal"> smbldap_open_connection: connection opened</p><p class="MsoNormal">[2011/09/27 14:23:34, 10] lib/smbldap.c:smbldap_connect_system(951)</p><p class="MsoNormal"> ldap_connect_system: Binding to ldap server ldaps://192.168.x.x as "cn=directory manager,dc=stag,dc=cle,dc=us"</p><p class="MsoNormal">[2011/09/27 14:23:34, 2] lib/smbldap.c:smbldap_connect_system(982)</p><p class="MsoNormal"> failed to bind to server ldaps://192.168.x.x with dn="cn=directory manager,dc=stag,dc=cle,dc=us" Error: Can't contact LDAP server</p><p class="MsoNormal"> (unknown)</p><p class="MsoNormal"> </p><p class="MsoNormal">Relevant part of the smb.conf</p><p class="MsoNormal"> </p><p class="MsoNormal"> passdb backend = ldapsam:ldaps://192.168.x.x</p><p class="MsoNormal"> ldap suffix = dc=stag,dc=cle,dc=us</p><p class="MsoNormal"> ldap machine suffix = ou=people</p><p class="MsoNormal"> ldap user suffix = ou=people</p><p class="MsoNormal"> ldap group suffix = ou=groups</p><p class="MsoNormal"> ldap passwd sync = yes</p><p class="MsoNormal"> ldap admin dn = cn=directory manager,dc=stag,dc=cle,dc=us</p><p class="MsoNormal"> obey pam restrictions = yes</p><p class="MsoNormal"> </p><p class="MsoNormal">I was able to run smbpasswd –w to add the dn admin password to the secrets.tdb but am unable to add additional users as well, again getting a cannot contact ldap server message. I had this working on another machine, but that machine was needed for another purpose and lost the setup. I know I must be missing something simple and am checking the HOWTO for samba on the 389-Directory Server site.</p><p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span style="font-size:10.0pt;font-family:"Arial","sans-serif";color:black">David Hoskinson | </span><b><span style="font-size:10.0pt;font-family:"Arial","sans-serif";color:blue">DATATRAK</span></b><span style="font-size:10.0pt;font-family:"Arial","sans-serif";color:blue"> International</span><span style="font-size:10.0pt;font-family:"Arial","sans-serif";color:black"><br>Systems Engineer<br>Mayfield Heights, Ohio, USA <br>+1.440.443.0082 x 124 (p</span><span style="font-size:10.0pt;font-family:"Arial","sans-serif"">) | +1.216<span style="color:black">.280.5457 (m)<br><a href="mailto:david.hoskinson@datatrak.net" title="blocked::mailto:anna.lyatkher@datatrak.net" target="_blank"><span style="color:blue">david.hoskinson@datatrak.net</span></a> | <a href="http://www.datatrak.net/" title="blocked::http://www.datatrak.net/
http://www.datatrak.net/" target="_blank"><span style="color:blue">www.datatrak.net</span></a></span></span></p><p class="MsoNormal"> </p></div><br>--<br>389 users mailing list<br>389-users@lists.fedoraproject.org<br>https://admin.fedoraproject.org/mailman/listinfo/389-users</blockquote><br></div></body></html>