Hi,

Ldap and samba work fine if de ldap server is @localhost.

smbldap-populate however refuses to connect to the ldap server at the address ldaps://ldap.server

ldapsearch -x -H ldaps://ldap.server

I checked ldad.conf and smbldap.conf time and again.

Why oh why?

try ldap://ldap.server (drop the 's')

ldap unencrypeted is an option indeed, as is connecting through localhost. I have it working like that.

The point is, however, that remote connections ought to be possible.

I turned to an old configuration that used to work fine with regards to the subject, as far as I can remember.

Key is acl in slapd.conf. The error messages given are confusing, because they tell you that there is no connection possible.

I am still working on it and I will give this a try:

access to attrs=cn,sambaLMPassword,sambaNTPassword,sambaPwdLastSet,sambaLogonTime,sambaLogoffTime,sambaKickoff Time,sambaPw
dCanChange,sambaPwdMustChange,sambaAcctFlags,displayName,sambaHomePath,sambaHomeDrive,sambaLogonScri pt,sambaProfilePath,de
scription,sambaUserWorkstations,sambaPrimaryGroupSID,sambaDomainName,sambaMungedDial,sambaBadPasswor dCount,sambaBadPasswor
dTime,sambaPasswordHistory,sambaLogonHours,sambaSID,sambaSIDList,sambaTrustFlags,sambaGroupType,samb aNextRid,sambaNextGrou
pRid,sambaNextUserRid,sambaAlgorithmicRidBase,sambaShareName,sambaOptionName,sambaBoolOption,sambaSt ringOption,sambaString
Listoption
by dn="cn=samba,ou=DSA,dc=webhuis,dc=nl" write
by dn="cn=slurpd,ou=DSA,dc=webhuis,dc=nl" write
by dn="cn=smbldap-tools,ou=DSA,dc=webhuis,dc=nl" write
by dn="cn=nssldap,ou=DSA,dc=webhuis,dc=nl" write
by self read
by * none

some ldap servers have an option to restrict the range that can connect to the server. Have you checked that? Also, if unencrypted works but encrypted doesn't, have you checked your firewall? (you probably have but I'm just trying to help)