[Samba] TLS_CIPHER_SUITE - OpenLDAP connection

Andrew Bartlett abartlet at samba.org
Sat Mar 19 09:05:32 UTC 2016

On Mon, 2016-03-14 at 11:54 +0100, Leander Schäfer wrote:
> Hi,
> Thank you for your feedback, Andrew. Since Samba is not the only
> application making use of the TLS_CIPHER_SUITE negotiation rules in
> ldap.conf, I would like to ensure that all of them still use the
> highest encryption possible. Currently I had to remove
> "TLS_CIPHER_SUITE" as a workarrou d in order to let Samba work wirh
> LDAP in TLS mode. Does anyone have a suggestion how I can apply
> TLS_CIPHER_SUITE in such a way that Samba LDAP connection doesn't
> break?
> I think this is a major configuration issue and should be mentioned
> in the official Samba Wiki. Samba <-> LDAP Isn't working unless the
> varialbe  "TLS_CIPHER_SUITE" is deactivated or set propper. What do
> you think?

What role is Samba performing in your network?  What is the LDAP

We use different ldap libs in different places, so if you clarify what
you are trying to do, we can probably help more.


Andrew Bartlett

Andrew Bartlett                       http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba

More information about the samba mailing list