[Samba] Re: Role of TLS in LDAP for Samba 3.x
paul at subsignal.org
Sat Sep 24 09:06:02 GMT 2005
Arup Biswas wrote:
> I am wondering if there is any documentation that describes the role TLS
> plays in LDAP security in Samba 3.x. I would like to understand what is the
> relationship of TLS with other LDAP security mechanisms like Kerberos via
> SASL and if TLS provides any added security. Is it like TLS provides an
> encrypted channel for all LDAP communications (privacy) whereas Kerberos
> just provides the authentication?
> I would appreciate any pointer,
As far as the samba <-> LDAP communication is concerned, you can use
start_tls = yes in smb.conf to encrypt the traffic. AFAIK you cannot use
SASL mechs like GSSAPI for this (samba does only simple binds).
More information about the samba