this works. I'm also able to telnet with tcp 636 (ldaps).
I'm just searching for a solution to kerberise squid without the need
of winbind/smb.
2010/6/28 Nick Cairncross <Nick.Cairncross_at_condenast.co.uk>:
> They seem ok.
>
> Telnet to your dc on 389?
>
>
> On 28/06/2010 14:40, "Tom Tux" <tomtux80_at_gmail.com> wrote:
>
> which ldap-libraries should be installed?
> The following devel-packages are installed (SLES11-System):
> - openldap2-devel
> - cyrus-sasl-devel
>
>
>
> 2010/6/28 Nick Cairncross <Nick.Cairncross_at_condenast.co.uk>:
>> Missing ldap libraries maybe?
>>
>>
>> On 28/06/2010 12:32, "Tom Tux" <tomtux80_at_gmail.com> wrote:
>>
>> Hi
>>
>> I'm trying to generate a computer-account with msktutil:
>>
>> I got the following error:
>> ...
>> ...
>> - ldap_connect: Connecting to LDAP server: dc1.domain.com try_tls=YES
>> SASL/GSSAPI authentication started
>> SASL username: admin_at_DOMAIN.COM
>> SASL SSF: 0
>> Error: ldap_set_option (option=) �failed (Can't contact LDAP server)
>> �-- ~KRB5Context: Destroying Kerberos Context
>>
>>
>>
>> I have a valid ticket (klist), initiated with adminuser_at_DOMAIN.COM.
>> Have someone any hints? I see, that the msktutil tries with tls
>> (encrypted) on port 389 (ldap) on the domain-controller. Can I use
>> native (unencrypted) ldap?
>>
>> Thanks a lot.
>> Tom
>>
>>
>> ** Please consider the environment before printing this e-mail **
>>
>> The information contained in this e-mail is of a confidential nature and is intended only for the addressee. �If you are not the intended addressee, any disclosure, copying or distribution by you is prohibited and may be unlawful. �Disclosure to any party other than the addressee, whether inadvertent or otherwise, is not intended to waive privilege or confidentiality. �Internet communications are not secure and therefore Conde Nast does not accept legal responsibility for the contents of this message. �Any views or opinions expressed are those of the author.
>>
>> Company Registration details:
>> The Conde Nast Publications Ltd
>> Vogue House
>> Hanover Square
>> London W1S 1JU
>>
>> Registered in London No. 226900
>>
>
>
> The information contained in this e-mail is of a confidential nature and is intended only for the addressee. �If you are not the intended addressee, any disclosure, copying or distribution by you is prohibited and may be unlawful. �Disclosure to any party other than the addressee, whether inadvertent or otherwise, is not intended to waive privilege or confidentiality. �Internet communications are not secure and therefore Conde Nast does not accept legal responsibility for the contents of this message. �Any views or opinions expressed are those of the author.
>
> The Conde Nast Publications Ltd (No. 226900), Vogue House, Hanover Square, London W1S 1JU
>
Received on Mon Jun 28 2010 - 16:33:28 MDT
This archive was generated by hypermail 2.2.0 : Tue Jun 29 2010 - 12:00:03 MDT