Failed to issue the StartTLS instruction: Protocol error

I encountered the error mentioned in the title of this post after upgrading my samba install on Debian Lenny using Enterprise Samba binaries. The latest version they distribute at the time of writing is 3.4.9. My samba install talks to an ldap backend and the above error was shown upon starting the new version. Seems they added (or changed the default) option for the ldap protocol in smb.conf. Adding:

ldap ssl = off
makes the error go away.
Cool.

Comments

klausengelmann said…
Kenny:

Your tip was great.

It solved me a big problem.

Thanks,
8:08 PM
Anonymous said…
It helps me a lot too, thanks
10:32 AM
Tin said…
Hmmm - after an hour of trying to work out why my 2 new servers were so dang slow to connect, it turns out to be this easy. I'd been running around OpenLDAP trying to fix it's indexing complaints instead (and managed to hose the data at one stage - lucky I'd backed up a few hours earlier).

One massive note to people - this makes Samba talk to LDAP in plain text. The traffic could be monitored by malicious users and passwords can be stolen quite easily. This includes administrative passwords like the root DN password!
4:01 AM
Unknown said…
Thanks sir
5:49 AM
Anonymous said…
Thanks you save my day
4:10 PM
Post a Comment

Popular posts from this blog

Remove copy protection from PDF documents

This is probably illegal, so use it at your own risk. Some PDFs on the internet have a copy protection to make sure you cannot copy-paste any content from the PDF into a document you're writing. To circumvent this protection there are several tools available on the internet. I haven't tried any of them, because they're not free ;) There is however a procedure that will enable you to circumvent the copy protection using free tools. The trick is to convert the PDF to a PS (PostScript) document first and then convert it back into a PDF. So, download Ghostview en Ghostscript from: http://www.cs.wisc.edu/~ghost/ . Next, open your PDF in Ghostview. Next, from the "File" menu, select "Convert" (a dialog will pop up) Press "Ok" Fill in the name of the "converted" file. Press "Save" Tada, you can now copy content from your newly created PDF ;)
Read more

The story of the Cobalt Qube

Image
The other week, a friendly colleague of mine brought me a small present. He gave me one of his Cobalt Qube s (for free!) which was collecting dust at his home. He was certain that I could give it a better use. I think I can still remember the days these things hit the market (somewhere in the late 90's). This was a home / office server appliance way before the people of Microsoft thought up their Windows Home Server . It was running some modified version of Linux RedHat, featuring a web interface for all administrative tasks. It also had 2 network cards, so you could easily turn it into a gateway / firewall. The RedHat version running on the Qube was known to be notoriously insecure. It was also running an older 2.0.x kernel which was outdated, even at that time. The Qube 2700 and Qube 2 were both equipped with a MIPS processor. Later models had an i386 architecture. Mine was a Qube 2. Getting the serial connection to work The Qube does not have any VGA adapter, so if you want to s...
Read more

The end of vinyl records

Vinyl records have been there for ages. My dad still has a couple of old records but he has no turntable anymore to play them. This is because _I_ claimed his turntable a long time ago, which he thought had become old fashioned. I started buying vinyl records about 12 years ago. I remember saving all my pocket money and buying the latest records with it, instead of visiting pubs with friends. I remember everyone thinking vinyl records belonged to the past and MP3's and CD's were taking over. In fact, this was not true. DJ's playing at parties and clubs never stopped buying records and from my experience, about 80% of their music came from plain old vinyl and a tiny 20% from other media like CD's or MP3's. The reasoning behind this is simple, if you wanted something new, something not popular (yet), you bought it on vinyl. If it became popular, some record company would probably be so kind to put it on some CD and sell it. But then again, ages, if not decades ( :) ) ...
Read more