[Samba] LDAP logins failing after installing Samba 4.4.5
Andrew Bartlett
abartlet at samba.org
Wed Mar 8 17:59:42 UTC 2017
On Wed, 2017-03-08 at 08:41 +0000, Rowland Penny via samba wrote:
> On Wed, 08 Mar 2017 10:22:27 +1300
> Andrew Bartlett <abartlet at samba.org> wrote:
>
> >
> > To be clear, AD does allow simple binds. We restrict them in Samba
> > per the "ldap server require strong auth" parameter.
> >
>
> It all depends on your definition of 'simple', mine was without
> authenticated username and password.
The words "simple bind" have a specific meaning in the spec:
https://tools.ietf.org/html/rfc4513#section-5.1
(What we don't implement is 5.1.2, that is treating a user DN but no
password as special, we will just fail the login with
invalidCredentials rather than unwillingToPerform).
I hope this helps clarify the terms in use here,
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba
More information about the samba
mailing list