gitlab: testing of ldap-ssl-ads option
Andrew Bartlett
abartlet at samba.org
Mon Jun 22 22:42:36 UTC 2020
On Mon, 2020-06-22 at 23:02 +0200, Isaac Boukris wrote:
> On Mon, Jun 22, 2020 at 9:32 PM Andrew Bartlett <abartlet at samba.org>
> wrote:
> >
> > Likewise, ldap ssl ads should explain more which operations it
> > applies
> > to (additionally note it doesn't apply to tldap and so idmap_ad as
> > TLS
> > isn't implemented there yet).
>
> Yeah, I'm still unclear how it relates to and differs from "ldap
> ssl".
>
> Another idea I've discussed with Andreas, we could implicitly set
> "client ldap sasl wrapping" to "plain" when we *know* we are over
> TLS,
> to avoid having the admin set to "plain" globally, but this can wait
> I
> guess.
Yes, we should do that, anything else just makes pain for the
administrator.
Andrew Bartlett
--
Andrew Bartlett https://samba.org/~abartlet/
Authentication Developer, Samba Team https://samba.org
Samba Developer, Catalyst IT
https://catalyst.net.nz/services/samba
More information about the samba-technical
mailing list