HEAD: smb.conf 'ldap ssl' defaults to on?
Gerald (Jerry) Carter
jerry at samba.org
Thu Jan 3 16:10:10 GMT 2002
On Thu, 3 Jan 2002 martin at sbirmc.ac.uk wrote:
> I've spent all day debugging, and finally an strace showed me the
> way. There's an iddy-biddy if() block in passdb/pdb_ldap.c which
> checks whether to connect to the LDAP server on the ldaps port
> (685?) or the normal ldap port (389). And this wasn't giving the right
> answer. So I set 'ldap ssl = no' in smb.conf and now all is well
> again. AND I get spiffy SIDs rather than dowdy
> unix_group\loadofnumbers when I look at process security stuff in
> W2K.
>
> Now, the man page says that 'ldap ssl' defaults to off.
welcome to the bleeding edge. I'm updated the docs in 2.2
but not in HEAD. Yes "ldap ssl" will default to "on" and
"ldap port" will default to 636.
This was a recent change as the clear text transmission of
password hashes was deemed to evil to live.
Sory you got bit by this. I'l update the docs in HEAD tonight
and try look at syncing the code some more.
chau. jerry
---------------------------------------------------------------------
Hewlett-Packard http://www.hp.com
SAMBA Team http://www.samba.org
-- http://www.plainjoe.org
"Sam's Teach Yourself Samba in 24 Hours" 2ed. ISBN 0-672-32269-2
--"I never saved anything for the swim back." Ethan Hawk in Gattaca--
More information about the samba
mailing list