NTLM encrypted LDAP connections broken in Samba4

Andrew Bartlett abartlet at samba.org
Thu Feb 25 04:10:43 MST 2010

Somewhere in the mists of time, the hooks to encrypt an LDAP session
from ldbsearch (and anything else that uses the Samba4 ldap libs) has
been broken.

The reason is simple - it's not tested, and isn't a standard option from
the ldb command line.  To set the use of LDAP encryption, use this patch
and run ldbsearch against a known-good server.

It would be great if someone could do a git bisect to chase this down,
as I've not got far with 'stare at packets'. 

I'll expose this properly in command line options and python bindings
once it works again, and use it to run this in 'make test' in future.

Andrew Bartlett
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Cisco Inc.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: encrypted-ldap.patch
Type: text/x-patch
Size: 518 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20100225/7bd6e2e2/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 190 bytes
Desc: This is a digitally signed message part
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20100225/7bd6e2e2/attachment.pgp>

More information about the samba-technical mailing list