On Tue, 2016-12-20 at 18:12 +0100, Davide Principi via samba
wrote:> Hi Marc,
>
> thank you for your quick response!
>
> On Tue, 2016-12-20 at 17:44 +0100, Marc Muehlfeld via samba wrote:
> >
> >
> > I haven't tried it, but what is wrong with STARTTLS?
>
> Nothing is wrong with STARTTLS (if the client supports it)! In my
> case
> I disabled referrals chasing in roundcube, as workaround.
>
> The reason I ask here is: MS DC gives a different response, and looks
> more client-friendly than the Samba DC one.
>
> Should the Samba DC return "ldaps://" scheme in referral, too?
>
> As said, I'm not an LDAP expert and don't know what is the correct
> referral URI.
If we do something detectably different then (in general) that is a bug
and should be fixed. Filing bugs helps us keep track, and patches with
tests help this kind of thing get fixed faster :-)
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba