NTLM encrypted LDAP connections broken in Samba4

Matthias Dieter Wallnöfer mdw at samba.org
Thu Feb 25 15:27:55 MST 2010


I tried it with commit 661d25402ecb36a35bee6b282440854f5280781a (17 Sep 
2008) and it didn't work.

When connecting using "ldaps://" with "ldbsearch" it hang, when using 
"ldap://" I immediately got a connection error message. The server was 
always my Windows Server 2008 VM. I tested ldbsearch with your patch 

Testing revisions before is a bit harder since we had separate branches 
- well, I could have switched to them.


Andrew Bartlett wrote:
> Somewhere in the mists of time, the hooks to encrypt an LDAP session
> from ldbsearch (and anything else that uses the Samba4 ldap libs) has
> been broken.
> The reason is simple - it's not tested, and isn't a standard option from
> the ldb command line.  To set the use of LDAP encryption, use this patch
> and run ldbsearch against a known-good server.
> It would be great if someone could do a git bisect to chase this down,
> as I've not got far with 'stare at packets'.
> I'll expose this properly in command line options and python bindings
> once it works again, and use it to run this in 'make test' in future.
> Andrew Bartlett

More information about the samba-technical mailing list