[Samba] TLS_CIPHER_SUITE - OpenLDAP connection
Andrew Bartlett
abartlet at samba.org
Mon Mar 14 10:03:10 UTC 2016
On Mon, 2016-03-14 at 01:55 +0100, Leander Schäfer wrote:
> What would be a working TLS_CIPHER_SUITE in ldap.conf for Samba 4.
> I'm
> asking, cause I had to remove
>
> TLS_CIPHER_SUITE TLSv1+HIGH:!SSLv2:!aNULL:!eNULL:!MD5:!3DES:@STRENGTH
>
> from my ldap.conf for samba to work. This wasn't documented anywhere.
> I
> think this should be mentoined in the wiki as well as in the man
> smb.conf under tls.
Aside from banning SSLv3, we just use whatever GnuTLS give us on your
platform, by default. Modern Samba versions even let you control that
with an smb.conf option.
I hope this helps,
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba
More information about the samba
mailing list