LDAP samdb and "ldap ssl" (fwd)

Jeremy Allison jra at samba.org
Wed Jan 2 13:29:03 GMT 2002


On Wed, Jan 02, 2002 at 03:17:20PM -0600, Gerald (Jerry) Carter wrote:
> Folks,
> 
> I need to do a straw poll.  Right now the "ldap ssl" for the ldap samdb
> backend defaults to off which means that everthing goes in the clear in
> between the ldap server and smbd.  How do people feel about making this
> parameter default to "start tls"?  This means that using the default
> values, only an OpenLDAP 2.0 server properly confiured to support SSL
> connections would work.  This could be manually changed of course. The
> advantage I see is not sending things over the wire in the clear without
> the direct consent of the admin.

Default secure if you ask me.....

Plaintext passwords on the wire is *so* 1980's :-).

Jeremy.




More information about the samba-technical mailing list