Heads-up: Setting "ldap ssl = start_tls" in 3.3.0?

John H Terpstra jht at samba.org
Thu Dec 18 08:14:48 GMT 2008

On Thursday 18 December 2008 01:52:25 Karolin Seeger wrote:
> Hey folks,
> according to the smb.conf manpage, the default value for "ldap ssl" was
> "start_tls". While trying to fix bug #5949, it sticked out that LDAP_SSL_ON
> was not defined at all and the effective default value was "" for a very
> long period of time.
> To assure consistency, the default value has been set to "ldap ssl = no" in
> all trees. The documentation has been updated accordingly. Changing the
> default to "start_tls" would break existing setups using LDAP backends
> without tls.
> The question is if we should change the default to "start_tls" in 3.3.0.
> Any opinions?
> Karolin

Suggest we set the default to "ldap ssl = no" in all 3.x trees.

- John T.

More information about the samba-technical mailing list