[Samba] LDAP SSL

Rowland Penny rpenny at samba.org
Thu Aug 9 07:56:02 UTC 2018

On Thu, 9 Aug 2018 02:07:40 +0000
Praveen Ghimire via samba <samba at lists.samba.org> wrote:

> Hi ,
> I would really appreciate some suggestions re the following issue.
> We have a LDAP based PDC and a member server.  

Ah, no you haven't ;-)
You have a PDC and something that looks like a cross between a BDC and
a standalone server.

A BDC because it is connecting to the ldap on the PDC.
A standalone server because of 'security = user' and 'domain logons =

>We're use libnss_ldap
> to auth the users. The LDAP PDC is setup with self signed SSL , we're
> trying make sure the member server connects to the PDC using SSL.

As you shouldn't be trying to do this, it isn't really a problem ;-)

Is this a new domain ?
If so, have you missed all the warnings about setting up new NT4-style
domains ?
You would be much better off setting up an AD domain.


More information about the samba mailing list