Hi Forum
laut Log bekomm ich diese Fehlermeldung:
ldapmaster smbd[3416]: Failed to issue the StartTLS instruction: Connect error
ich hab in der smb.conf :
ldap ssl = start tls
den LDAP hab ich auch mit TLS Config und geht auch zu mindest mit ldapsearch
ldapsearch -d 1 -x -ZZ -h ldapmaster.server.intern "(uid=testuser)"
kleiner Auszug
ldap_msgfree
TLS trace: SSL_connect:before/connect initialization
TLS trace: SSL_connect:SSLv2/v3 write client hello A
TLS trace: SSL_connect:SSLv3 read server hello A
TLS certificate verification: depth: 1, err: 0, subject: /C=DE/ST=BW/O=test GmbH/OU=IT/CN=ldapmaster.server.intern/emailAddress=postmaster@test.de, issuer: /C=DE/ST=BW/O=test GmbH/OU=IT/CN=ldapmaster.server.intern/emailAddress=postmaster@test.de
TLS certificate verification: depth: 0, err: 0, subject: /C=DE/ST=BW/L=Stuttgart/O=server GmbH/OU=IT/CN=ldapmaster.server.intern/emailAddress=postmaster@test.de, issuer: /C=DE/ST=BW/O=test
GmbH/OU=IT/CN=ldapmaster.server.intern/emailAddress=postmaster@server.de
TLS trace: SSL_connect:SSLv3 read server certificate A
TLS trace: SSL_connect:SSLv3 read server certificate request A
TLS trace: SSL_connect:SSLv3 read server done A
TLS trace: SSL_connect:SSLv3 write client certificate A
TLS trace: SSL_connect:SSLv3 write client key exchange A
TLS trace: SSL_connect:SSLv3 write change cipher spec A
TLS trace: SSL_connect:SSLv3 write finished A
TLS trace: SSL_connect:SSLv3 flush data
TLS trace: SSL_connect:SSLv3 read finished A
ldap_bind
ldap_simple_bind
ldap_sasl_bind
ldap_send_initial_request
ldap_send_server_request
und im /var/log/message steht dann:
Jun 18 13:30:01 ldapmaster slapd[3162]: conn=81 op=1 SRCH attr=cn userPassword memberUid member gidNumber
Jun 18 13:30:01 ldapmaster slapd[3162]: conn=81 op=1 SEARCH RESULT tag=101 err=0 nentries=88 text=
Jun 18 13:30:01 ldapmaster slapd[3162]: conn=81 fd=38 closed (connection lost)
Jun 18 13:30:12 ldapmaster slapd[3162]: conn=82 fd=38 ACCEPT from IP=195.95.220.244:34785 (IP=0.0.0.0:389)
Jun 18 13:30:12 ldapmaster slapd[3162]: conn=82 op=0 STARTTLS
Jun 18 13:30:12 ldapmaster slapd[3162]: conn=82 op=0 RESULT oid= err=0 text=
Jun 18 13:30:12 ldapmaster slapd[3162]: conn=82 fd=38 TLS established tls_ssf=256 ssf=256
Jun 18 13:30:12 ldapmaster slapd[3162]: conn=82 op=1 BIND dn="" method=128
Jun 18 13:30:12 ldapmaster slapd[3162]: conn=82 op=1 RESULT tag=97 err=0 text=
Jun 18 13:30:12 ldapmaster slapd[3162]: conn=82 op=2 SRCH base="ou=Groups,dc=ocon,dc=intern" scope=2 deref=0 filter="(&(objectClass=posixGroup))"
Jun 18 13:30:12 ldapmaster slapd[3162]: conn=82 op=2 SRCH attr=cn userPassword memberUid member gidNumber
Jun 18 13:30:12 ldapmaster slapd[3162]: conn=82 op=2 SEARCH RESULT tag=101 err=0 nentries=88 text=
Jun 18 13:30:12 ldapmaster slapd[3162]: conn=82 fd=38 closed (connection lost)
sieht doch ok aus oder mit dem TLS ? nur was meckert da samba?
Danke für die hilfe im voraus
MFG flipa
laut Log bekomm ich diese Fehlermeldung:
ldapmaster smbd[3416]: Failed to issue the StartTLS instruction: Connect error
ich hab in der smb.conf :
ldap ssl = start tls
den LDAP hab ich auch mit TLS Config und geht auch zu mindest mit ldapsearch
ldapsearch -d 1 -x -ZZ -h ldapmaster.server.intern "(uid=testuser)"
kleiner Auszug
ldap_msgfree
TLS trace: SSL_connect:before/connect initialization
TLS trace: SSL_connect:SSLv2/v3 write client hello A
TLS trace: SSL_connect:SSLv3 read server hello A
TLS certificate verification: depth: 1, err: 0, subject: /C=DE/ST=BW/O=test GmbH/OU=IT/CN=ldapmaster.server.intern/emailAddress=postmaster@test.de, issuer: /C=DE/ST=BW/O=test GmbH/OU=IT/CN=ldapmaster.server.intern/emailAddress=postmaster@test.de
TLS certificate verification: depth: 0, err: 0, subject: /C=DE/ST=BW/L=Stuttgart/O=server GmbH/OU=IT/CN=ldapmaster.server.intern/emailAddress=postmaster@test.de, issuer: /C=DE/ST=BW/O=test
GmbH/OU=IT/CN=ldapmaster.server.intern/emailAddress=postmaster@server.de
TLS trace: SSL_connect:SSLv3 read server certificate A
TLS trace: SSL_connect:SSLv3 read server certificate request A
TLS trace: SSL_connect:SSLv3 read server done A
TLS trace: SSL_connect:SSLv3 write client certificate A
TLS trace: SSL_connect:SSLv3 write client key exchange A
TLS trace: SSL_connect:SSLv3 write change cipher spec A
TLS trace: SSL_connect:SSLv3 write finished A
TLS trace: SSL_connect:SSLv3 flush data
TLS trace: SSL_connect:SSLv3 read finished A
ldap_bind
ldap_simple_bind
ldap_sasl_bind
ldap_send_initial_request
ldap_send_server_request
und im /var/log/message steht dann:
Jun 18 13:30:01 ldapmaster slapd[3162]: conn=81 op=1 SRCH attr=cn userPassword memberUid member gidNumber
Jun 18 13:30:01 ldapmaster slapd[3162]: conn=81 op=1 SEARCH RESULT tag=101 err=0 nentries=88 text=
Jun 18 13:30:01 ldapmaster slapd[3162]: conn=81 fd=38 closed (connection lost)
Jun 18 13:30:12 ldapmaster slapd[3162]: conn=82 fd=38 ACCEPT from IP=195.95.220.244:34785 (IP=0.0.0.0:389)
Jun 18 13:30:12 ldapmaster slapd[3162]: conn=82 op=0 STARTTLS
Jun 18 13:30:12 ldapmaster slapd[3162]: conn=82 op=0 RESULT oid= err=0 text=
Jun 18 13:30:12 ldapmaster slapd[3162]: conn=82 fd=38 TLS established tls_ssf=256 ssf=256
Jun 18 13:30:12 ldapmaster slapd[3162]: conn=82 op=1 BIND dn="" method=128
Jun 18 13:30:12 ldapmaster slapd[3162]: conn=82 op=1 RESULT tag=97 err=0 text=
Jun 18 13:30:12 ldapmaster slapd[3162]: conn=82 op=2 SRCH base="ou=Groups,dc=ocon,dc=intern" scope=2 deref=0 filter="(&(objectClass=posixGroup))"
Jun 18 13:30:12 ldapmaster slapd[3162]: conn=82 op=2 SRCH attr=cn userPassword memberUid member gidNumber
Jun 18 13:30:12 ldapmaster slapd[3162]: conn=82 op=2 SEARCH RESULT tag=101 err=0 nentries=88 text=
Jun 18 13:30:12 ldapmaster slapd[3162]: conn=82 fd=38 closed (connection lost)
sieht doch ok aus oder mit dem TLS ? nur was meckert da samba?
Danke für die hilfe im voraus
MFG flipa
*hüpf ich glaub das schaut gut aus