gitlab: testing of ldap-ssl-ads option

Andrew Bartlett abartlet at
Mon Jun 22 22:42:36 UTC 2020

On Mon, 2020-06-22 at 23:02 +0200, Isaac Boukris wrote:
> On Mon, Jun 22, 2020 at 9:32 PM Andrew Bartlett <abartlet at>
> wrote:
> > 
> > Likewise, ldap ssl ads should explain more which operations it
> > applies
> > to (additionally note it doesn't apply to tldap and so idmap_ad as
> > TLS
> > isn't implemented there yet).
> Yeah, I'm still unclear how it relates to and differs from "ldap
> ssl".
> Another idea I've discussed with Andreas, we could implicitly set
> "client ldap sasl wrapping" to "plain" when we *know* we are over
> TLS,
> to avoid having the admin set to "plain" globally, but this can wait
> I
> guess.

Yes, we should do that, anything else just makes pain for the

Andrew Bartlett

Andrew Bartlett             
Authentication Developer, Samba Team
Samba Developer, Catalyst IT 

More information about the samba-technical mailing list