LDAP samdb and "ldap ssl" (fwd)

Gerald (Jerry) Carter jerry at samba.org
Wed Jan 2 13:22:27 GMT 2002


I need to do a straw poll.  Right now the "ldap ssl" for the ldap samdb
backend defaults to off which means that everthing goes in the clear in
between the ldap server and smbd.  How do people feel about making this
parameter default to "start tls"?  This means that using the default
values, only an OpenLDAP 2.0 server properly confiured to support SSL
connections would work.  This could be manually changed of course. The
advantage I see is not sending things over the wire in the clear without
the direct consent of the admin.

Yes?  No?

chau, jerry
 Hewlett-Packard                                     http://www.hp.com
 SAMBA Team                                       http://www.samba.org
 --                                            http://www.plainjoe.org
 "Sam's Teach Yourself Samba in 24 Hours" 2ed.      ISBN 0-672-32269-2
 --"I never saved anything for the swim back." Ethan Hawk in Gattaca--

More information about the samba-technical mailing list