-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Jukka Hienola wrote:
| So, our name server was unavailable this morning due | to OS update. Division's Samba and LDAP services are | running on same server, and Samba is using TLS in | connecting to LDAP service. Because some of the network | names were not resolvable, I changed "passdb backend = | ldapsam:ldap://ldap.server.name/" to "passdb backend = | ldapsam:ldap://127.0.0.1/" in smb.conf, although I have | ldap.server.name also in /etc/hosts, just in case. In | file /etc/nsswitch.conf I have line "hosts: files dns". | After I restarted Samba, I just couldn't login to | domain anymore either with any machine or domain user accounts. | Samba gave me errors like | | smbd[1956]: [2005/10/24 11:03:17, 0] | lib/smbldap.c:smbldap_open_connection(677) | smbd[1956]: Failed to issue the StartTLS instruction: Connect error My immediate guess would be that the conect failed due to a mismatch in the server name's cert. Make sure you can run 'ldapsearch -ZZ -h 127.0.0.1 ...' cheers, jerry ===================================================================== Alleviating the pain of Windows(tm) ------- http://www.samba.org GnuPG Key ----- http://www.plainjoe.org/gpg_public.asc "There's an anonymous coward in all of us." --anonymous -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDXNlMIR7qMdg1EfYRAoiOAKDRMkCzkiI6/0m+rkGSd67q+e65pACg5Lre V6QHbrkidy2wUxlBuou3+OE= =6G47 -----END PGP SIGNATURE----- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba