Web lists-archives.com

Re: [Samba] LDAP problem

On 03/02/2017 12:14, Lukz Ferris wrote:
But one day, I don't know why, I couldn't use more ldapsearch or ldapadd. They return this:
ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)

I'm using the same command as always, like:

ldapsearch -H "ldaps://devsamba.lucas.ufes.br:636" -w '*******' -D "cn­ministrator,cn=users,dc=lucas,dc=ufes,dc=br" -x -b "dc=lucas,dc=ufes,dc=br"

This error suggests a problem with your certificate. If it used to work previously, then check it hasn't expired.

    openssl s_client -connect devsamba.lucas.ufes.br:636

copy-paste the certificate into a pem file, including begin/end lines

    openssl x509 -in mycert.pem -noout -enddate

And check your root CA cert hasn't expired:

    openssl x509 -in /usr/local/samba/private/tls/cert.pem -noout -enddate

To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba