[Samba] Re: Role of TLS in LDAP for Samba 3.x

paul kölle paul at subsignal.org
Sat Sep 24 09:06:02 GMT 2005


Arup Biswas wrote:
> I am wondering if there is any documentation that describes the role TLS
> plays in LDAP security in Samba 3.x. I would like to understand what is the
> relationship of TLS with other LDAP security mechanisms like Kerberos via
> SASL and if TLS provides any added security. Is it like TLS provides an
> encrypted channel for all LDAP communications (privacy) whereas Kerberos
> just provides the authentication?
> 
> I would appreciate any pointer,
As far as the samba <-> LDAP communication is concerned, you can use
start_tls = yes in smb.conf to encrypt the traffic. AFAIK you cannot use
SASL mechs like GSSAPI for this (samba does only simple binds).

hth
 Paul



More information about the samba mailing list