[Samba] TLS and ldap referals

Thierry Lacoste lacoste at miage.univ-paris12.fr
Wed Jun 6 20:40:39 GMT 2007

I have a samba PDC with a master openldap server
and a samba BDC with a slave openldap server.
Replication is done with slurpd with a TLS connection
and the slave ldap server has an updateref pointing
to the master (I don't use ldaps).

On each domain controller my smb.conf contains:
passdb backend = ldapsam:ldap://localhost

Now I'd like my ldap servers to reject non TLS connections
except on the loopback interface (to avoid unnecessary

Is it possible to configure my BDC so that TLS is used when
chasing the referal but connections to its passdb backend
are not encrypted?


More information about the samba mailing list