[Samba] samba4 - force ssl/tls for incoming ldap queries

Thoralf Schulze tschulze at deutsche-kinemathek.de
Mon Mar 17 08:25:28 MDT 2014

hi there,

is there a way to have sambas internal ldap server reject plaintext
connections? something similar to the ssf-settings in openldap's acls?

i was already thinking about instructing iptables to drop all
connections to port 389 - but that would effectively rule out starttls
and force the clients to use ldaps, which has been deprectated a long
time ago.

thank you & with kind regards,
thoralf schulze
deutsche kinemathek - museum für film und fernsehen
linux-administration / helpdesk
tschulze at deutsche-kinemathek.de / 030 - 300 903-531

More information about the samba mailing list