[Samba] ldaps:// referrals from DC

Marc Muehlfeld mmuehlfeld at samba.org
Tue Dec 20 16:44:03 UTC 2016

Hello Davide,

Am 20.12.2016 um 14:46 schrieb Davide Principi via samba:
> My troubles with Samba 4 DC start when the server response contains a
> referral with ldap:// URI scheme.  The client fails without messages to
> error logs.
> As workaround I could configure STARTTLS and bind over ldap:// scheme,
> or disable referrals on the client side ...but a question remain: is
> the Samba DC response "correct"? I'd expect both AD implementations do
> the same.

I haven't tried it, but what is wrong with STARTTLS? Right after the
connect the connection switches to TLS and authentication and data is
send encrypted to the server.


More information about the samba mailing list