[Samba] winbindd with LDAPS

jose.celestino at gmail.com jose.celestino at gmail.com
Wed Mar 8 12:58:27 UTC 2023


We have a samba installation (4.17.5) where a winbindd is part of an
AD domain and used to authenticate radius (radiator) logins.

The thing is, the AD administration is closing port 386 on the
password server and only allowing requests on 636 (ldaps).

I don't seem to be able to change the winbindd to use the ldaps port. Tried

ldap ssl = start tls
ldap ssl ads = yes
tls enabled = yes

but both the net join and the ntlm_auth go to port 386 and will cease
to work as soon as that is disabled.

Winbindd only works on 389 or am I missing something?

Thank you.

More information about the samba mailing list