[Samba] GPO on a DC

samba-ml-en samba-ml-en at protonmail.com
Fri Jun 24 17:00:25 UTC 2022

They talk about AD talk (Dc to DC) (where as I mentioned - there is some reading too on the web on the topic) anyway AD needs LDAP to work and such traffic will always use LDAP (replication etc...). LDAPS' use in my project would be for an application where you would want traffic encrypted because no other mean to protect the traffic in transit is available. Anyway, I gather that when you set tls enabled=yes
samba (or samba-gpupdate) tries to use LDAPS (connect to LDAP and server redirect to LDAPS) whereas this should be at the clients request. Again my understanding....

> Try reading this:
> https://lists.samba.org/archive/samba/2020-October/232855.html
> Rowland

More information about the samba mailing list