
<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns="http://www.w3.org/TR/REC-html40">


<head>


<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=us-ascii">


<meta name=Generator content="Microsoft Word 11 (filtered medium)">


<style>


<!--


 /* Style Definitions */


 p.MsoNormal, li.MsoNormal, div.MsoNormal


        {margin:0cm;


        margin-bottom:.0001pt;


        font-size:12.0pt;


        font-family:"Times New Roman";}


a:link, span.MsoHyperlink


        {color:blue;


        text-decoration:underline;}


a:visited, span.MsoHyperlinkFollowed


        {color:blue;


        text-decoration:underline;}


span.E-mailStijl17


        {mso-style-type:personal;


        font-family:Arial;


        color:navy;}


span.E-mailStijl18


        {mso-style-type:personal;


        font-family:Arial;


        color:navy;}


span.E-mailStijl19


        {mso-style-type:personal-reply;


        font-family:Arial;


        color:navy;}


@page Section1


        {size:595.3pt 841.9pt;


        margin:70.85pt 70.85pt 70.85pt 70.85pt;}


div.Section1


        {page:Section1;}


-->


</style>


</head>


<body lang=NL link=blue vlink=blue>


<div class=Section1>


<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:


10.0pt;font-family:Arial;color:navy'>Hai, <o:p></o:p></span></font></p>


<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:


10.0pt;font-family:Arial;color:navy'><o:p> </o:p></span></font></p>


<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:


10.0pt;font-family:Arial;color:navy'>I’ve added the needed upn, setup the


_ldaps in the dns zones, thats ok now. <br>


<br>


<o:p></o:p></span></font></p>


<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:


10.0pt;font-family:Arial;color:navy'>The last part, here i need some help.<o:p></o:p></span></font></p>


<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:


10.0pt;font-family:Arial;color:navy'>support_ldap.cc(942): pid=26693


:2016/08/25 08:52:33| kerberos_ldap_group: DEBUG: Setting up connection to ldap


server samba-dc1.internal.domain.tld:636<o:p></o:p></span></font></p>


<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:


10.0pt;font-family:Arial;color:navy'>support_ldap.cc(786): pid=26693


:2016/08/25 08:52:33| kerberos_ldap_group: DEBUG: Set SSL defaults<o:p></o:p></span></font></p>


<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:


10.0pt;font-family:Arial;color:navy'>support_ldap.cc(531): pid=26693


:2016/08/25 08:52:33| kerberos_ldap_group: DEBUG: Enable server certificate


check for ldap server.<o:p></o:p></span></font></p>


<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:


10.0pt;font-family:Arial;color:navy'>support_ldap.cc(544): pid=26693


:2016/08/25 08:52:33| kerberos_ldap_group: DEBUG: Set certificate file for ldap


server to /etc/ssl/certs/cert.pem.(Changeable through setting environment


variable TLS_CACERTFILE)<o:p></o:p></span></font></p>


<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:


10.0pt;font-family:Arial;color:navy'>support_ldap.cc(800): pid=26693


:2016/08/25 08:52:33| kerberos_ldap_group: ERROR: Error while setting start_tls


for ldap server: Can't contact LDAP server<o:p></o:p></span></font></p>


<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:


10.0pt;font-family:Arial;color:navy'>support_ldap.cc(953): pid=26693


:2016/08/25 08:52:33| kerberos_ldap_group: DEBUG: Bind to ldap server with


SASL/GSSAPI<o:p></o:p></span></font></p>


<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:


10.0pt;font-family:Arial;color:navy'>support_sasl.cc(276): pid=26693


:2016/08/25 08:52:33| kerberos_ldap_group: ERROR: ldap_sasl_interactive_bind_s


error: Can't contact LDAP server<o:p></o:p></span></font></p>


<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:


10.0pt;font-family:Arial;color:navy'>support_ldap.cc(957): pid=26693


:2016/08/25 08:52:33| kerberos_ldap_group: ERROR: Error while binding to ldap


server with SASL/GSSAPI: Can't contact LDAP server<o:p></o:p></span></font></p>


<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:


10.0pt;font-family:Arial;color:navy'>support_ldap.cc(942): pid=26693


:2016/08/25 08:52:33| kerberos_ldap_group: DEBUG: Setting up connection to ldap


server samba-dc2.internal.domain.tld:636<o:p></o:p></span></font></p>


<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:


10.0pt;font-family:Arial;color:navy'>support_ldap.cc(786): pid=26693


:2016/08/25 08:52:33| kerberos_ldap_group: DEBUG: Set SSL defaults<o:p></o:p></span></font></p>


<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:


10.0pt;font-family:Arial;color:navy'>support_ldap.cc(531): pid=26693


:2016/08/25 08:52:33| kerberos_ldap_group: DEBUG: Enable server certificate


check for ldap server.<o:p></o:p></span></font></p>


<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:


10.0pt;font-family:Arial;color:navy'>support_ldap.cc(544): pid=26693


:2016/08/25 08:52:33| kerberos_ldap_group: DEBUG: Set certificate file for ldap


server to /etc/ssl/certs/cert.pem.(Changeable through setting environment


variable TLS_CACERTFILE)<o:p></o:p></span></font></p>


<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:


10.0pt;font-family:Arial;color:navy'>support_ldap.cc(800): pid=26693


:2016/08/25 08:52:33| kerberos_ldap_group: ERROR: Error while setting start_tls


for ldap server: Can't contact LDAP server<o:p></o:p></span></font></p>


<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:


10.0pt;font-family:Arial;color:navy'>support_ldap.cc(953): pid=26693


:2016/08/25 08:52:33| kerberos_ldap_group: DEBUG: Bind to ldap server with


SASL/GSSAPI<o:p></o:p></span></font></p>


<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:


10.0pt;font-family:Arial;color:navy'>support_sasl.cc(276): pid=26693


:2016/08/25 08:52:33| kerberos_ldap_group: ERROR: ldap_sasl_interactive_bind_s


error: Can't contact LDAP server<o:p></o:p></span></font></p>


<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:


10.0pt;font-family:Arial;color:navy'>support_ldap.cc(957): pid=26693


:2016/08/25 08:52:33| kerberos_ldap_group: ERROR: Error while binding to ldap


server with SASL/GSSAPI: Can't contact LDAP server<o:p></o:p></span></font></p>


<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:


10.0pt;font-family:Arial;color:navy'><o:p> </o:p></span></font></p>


<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:


10.0pt;font-family:Arial;color:navy'>I tried to set <o:p></o:p></span></font></p>


<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:


10.0pt;font-family:Arial;color:navy'>TLS_CACERTFILE in ldap.conf, didnt work,


so dont know how to fix this or there to put these variables. <o:p></o:p></span></font></p>


<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:


10.0pt;font-family:Arial;color:navy'><o:p> </o:p></span></font></p>


<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:


10.0pt;font-family:Arial;color:navy'>I need a user to connect to the ldap.  Hi have


that one in place. <o:p></o:p></span></font></p>


<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:


10.0pt;font-family:Arial;color:navy'>I just can find how to put this in this


line so i can test this out, but i can only authenticate if the TLS_CACERTFILE


is set correctly. <o:p></o:p></span></font></p>


<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:


10.0pt;font-family:Arial;color:navy'><o:p> </o:p></span></font></p>


<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:


10.0pt;font-family:Arial;color:navy'>Any suggestions here? <o:p></o:p></span></font></p>


<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:


10.0pt;font-family:Arial;color:navy'><o:p> </o:p></span></font></p>


<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:


10.0pt;font-family:Arial;color:navy'><o:p> </o:p></span></font></p>


<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:


10.0pt;font-family:Arial;color:navy'>Greetz, <o:p></o:p></span></font></p>


<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:


10.0pt;font-family:Arial;color:navy'><o:p> </o:p></span></font></p>


<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:


10.0pt;font-family:Arial;color:navy'>Louis<o:p></o:p></span></font></p>


</div>


</body>


</html>