Web lists-archives.com

Re: [Samba] Second DC won't start LDAP daemon

On 05/08/17 11:17, Andrea Venturoli wrote:

I've got a network of FreeBSD servers which traditionally hosted a classic domain. I upgraded some months ago, removing the old PDC and BDC and migrating to an AD DC controller in a jail.
This is working fine with Samba 4.4.13.

Now I'm trying to add a second DC, so I created a new jail on another physical server and went on with the setup, following:

After spending several hours trying to sort this out, I found that the ldap task will work (and bind to port 389) if I put "tls enabled=no" in the config file.

With "tls enabled=yes" (or nothing, since it's the default) I get:
"Child 24011 (ldap) terminated with signal 4"

I tried generating a self-signed certificate as per:

Unfortunately, the only effect is that "Attempting to autogenerate TLS self-signed keys for https for hostname 'XXX.xxxxx.xxxxxxxx.xx'" changes to "TLS autogeneration skipped - some TLS files already exist".
Then I get the same error as above.

Any suggestion?


To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba