NTLM encrypted LDAP connections broken in Samba4
Matthias Dieter Wallnöfer
mdw at samba.org
Thu Feb 25 15:27:55 MST 2010
I tried it with commit 661d25402ecb36a35bee6b282440854f5280781a (17 Sep
2008) and it didn't work.
When connecting using "ldaps://" with "ldbsearch" it hang, when using
"ldap://" I immediately got a connection error message. The server was
always my Windows Server 2008 VM. I tested ldbsearch with your patch
Testing revisions before is a bit harder since we had separate branches
- well, I could have switched to them.
Andrew Bartlett wrote:
> Somewhere in the mists of time, the hooks to encrypt an LDAP session
> from ldbsearch (and anything else that uses the Samba4 ldap libs) has
> been broken.
> The reason is simple - it's not tested, and isn't a standard option from
> the ldb command line. To set the use of LDAP encryption, use this patch
> and run ldbsearch against a known-good server.
> It would be great if someone could do a git bisect to chase this down,
> as I've not got far with 'stare at packets'.
> I'll expose this properly in command line options and python bindings
> once it works again, and use it to run this in 'make test' in future.
> Andrew Bartlett
More information about the samba-technical