thr3ads.net - samba - [Samba] LDAPS , TLS [Jan 2023]

If this information is useful, please help other people find it:
Share via:

Twitter
Facebook
Email

E R

2023-Jan-28 18:31 UTC

[Samba] LDAPS , TLS

The wiki has a page
https://wiki.samba.org/index.php/Configuring_LDAP_over_SSL_(LDAPS)_on_a_Samba_AD_DC
that discusses LDAPS but I am going to assume this only applies if using
Samba as a domain controller?  I also see there is a setting for "tls
enabled" in the smb.conf file as well along with some other settings for
configuring TLS.  Can/should any of these be used when using "security
ads"?

As I understand it "security = ads" uses Kerberos so I am inclined to
say
"no".  But when I noticed the setting for "winbind rpc only"
says LDAP is
used first this makes me wonder if I might be using unsecure LDAP in some
scenario.

Reasonably Related Threads

LDAPS is not working
How to configure samba domain member to use LDAPS instead of LDAP
Status of LDAPS port 636 with Winbind idmap backend ad in 2024?
[Solved] Problem with intermediate certificate (tls cafile)
Enabling LDAPS in Samba in a dual-DC setup

Search for more possibly parallel threads

samba - Jan 2023 - LDAPS , TLS

[Samba] LDAPS , TLS

Reasonably Related Threads

Wisdom of the Ancients