[Samba] ldapsearch with ldaps

Rowland Penny rpenny at samba.org
Mon Aug 29 09:19:42 UTC 2022

On Mon, 2022-08-29 at 11:03 +0200, Stefan Kania via samba wrote:
> Hello to all,
> following configuration:
> dovecote as IMAP-server and samba 4.16 as domaincontroller. We need
> to
> do the authentication from dovecot to ldap to do queries. We want to
> use
> ldaps or TLS as protocol to connect from the dovecot to AD. To allow
> connection to Sambas LDAP we set "ldap server require strong auth =
> no".
> Then we tested with:
> ldapsearch -D ktom at example.net -W -H ldaps://addc01.example.net -b
> dc=example,dc=net
> and it works, but as soon as we tried to do the same from the
> dovcot-server we only get a:
> ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)
> Is it possible to allow the connection via LDAPS to a DC from any
> host?
> PLEASE: NO discussion about security!

Wouldn't dream of discussing security, because you have turned it off.

I suggest you read this:


Then consider using kerberos instead, it is much more 'the word we will
not use' :-)


More information about the samba mailing list