[Samba] Security Implications of "ldap server require strong auth"?
Christian Naumer
christian.naumer at greyfish.net
Tue May 28 05:51:06 UTC 2024
Am 28.05.24 um 07:34 schrieb Bestattungen Vitt - Thomas Reitelbach via
samba:
>
> Christian Naumer said, I can get Nextcloud to work without this insecure
> parameter - I'll have to figure out how I could acceppt a self-signed
> certificate on the side of apache2/php-ldap module.
I checked our installation and found this in the Nextcloud Doku
(https://docs.nextcloud.com/server/28/admin_manual/configuration_user/user_auth_ldap.html):
Turn off SSL certificate validation:
Turns off SSL certificate checking. Use it for testing only! Note:
The effect of this setting depends on the PHP system configuration. It
does for example not work with the [official Nextcloud container
image](https://github.com/nextcloud/docker). To disable certificate
verification for a particular use, append the following configuration
line to your /etc/ldap/ldap.conf:
` TLS_REQCERT ALLOW `
Regards
Christian
More information about the samba
mailing list