Project

General

Profile

Tâche #13324

Scénario #13012: Exécuter les tests eCDL 2.5.1

Erreur récurrente dans Winbind

Added by Emmanuel IHRY over 5 years ago. Updated over 5 years ago.

Status:
Fermé
Priority:
Normal
Assigned To:
Start date:
09/21/2015
Due date:
% Done:

100%

Estimated time:
2.00 h
Spent time:
Remaining (hours):
0.0

Description

Lors du lancement ou lors d'un getent :

Attempting to find a passdb backend to match ldapsam:"ldaps://ldapsmb.ac.melanie2.i2:636" (ldapsam)
Found pdb backend ldapsam
smbldap_search_domain_info: Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=TEST-PNESR))]
smbldap_search_ext: base => [ou=TEST-PNESR,ou=domaines,ou=Samba,ou=applications,ou=ressources,dc=equipement,dc=gouv,dc=fr], filter => [(&(objectClass=sambaDomain)(sambaDomainName=TEST-PNESR))], scope => [2]
The connection to the LDAP server was closed
Failed to issue the StartTLS instruction: Operations error
Connection to LDAP server failed for the 1 try!
pdb backend ldapsam:"ldaps://ldapsmb.ac.melanie2.i2:636" has a valid init
Found policy hnd0 [0000] 00 00 00 00 01 00 00 00 00 00 00 00 0D 56 14 FF ........ .....V..
[0010] 54 0B 00 00 T...
smbldap_search_ext: base => [sambaDomainName=TEST-PNESR,ou=TEST-PNESR,ou=domaines,ou=Samba,ou=applications,ou=ressources,dc=equipement,dc=gouv,dc=fr], filter => [(objectClass=sambaTrustedDomainPassword)], scope => [2]
The connection to the LDAP server was closed
Failed to issue the StartTLS instruction: Operations error
Connection to LDAP server failed for the 1 try!
ldapsam_enum_trusteddoms: got 1 domains
Found policy hnd0 [0000] 00 00 00 00 01 00 00 00 00 00 00 00 0D 56 14 FF ........ .....V..
[0010] 54 0B 00 00 T...
Found policy hnd0 [0000] 00 00 00 00 01 00 00 00 00 00 00 00 0D 56 14 FF ........ .....V..
[0010] 54 0B 00 00 T...
Closed policy
Finished processing child request 20

--> ces erreurs existent peut être depuis toujours ? au bout de plusieurs tentatives en echec, cela passe !

History

#1 Updated by Emmanuel IHRY over 5 years ago

  • Subject changed from Erreur récurrent dans Winbind to Erreur récurrente dans Winbind
  • Description updated (diff)

#2 Updated by Emmanuel IHRY over 5 years ago

  • Status changed from Nouveau to En cours

#3 Updated by Emmanuel IHRY over 5 years ago

  • Estimated time set to 2.00 h
  • Remaining (hours) set to 1.0

il semble que ce problème soit résolu en indiquant :

ldap ssl = Off (à la place de = star tls)

En effet la doc indique https://www.samba.org/samba/docs/man/manpages/smb.conf.5.html

LDAP connections should be secured where possible. This may be done setting either this parameter to Start_tls or by specifying ldaps:// in the URL argument of passdb backend.

The ldap ssl can be set to one of two values:

    Off = Never use SSL when querying the directory.

    start tls = Use the LDAPv3 StartTLS extended operation (RFC2830) for communicating with the directory server.

start tls parait donc redondant avec l'utilisation de ldaps://

--> modification à reporter vers smb.conf ?

#4 Updated by Emmanuel IHRY over 5 years ago

  • % Done changed from 0 to 80

#5 Updated by Emmanuel IHRY over 5 years ago

  • Status changed from En cours to Fermé
  • % Done changed from 80 to 100
  • Remaining (hours) changed from 1.0 to 0.0

le problème est résolu à condition de désactiver dans la configuration TLS dans EOLE, soit mettre ldap_tls = Non

--> pas un problème donc, mais une campagne de mise à jour des eCDL doit être faite dans le prochain sprint

Also available in: Atom PDF