Bug 12023 - Man page: wrong option for parameter ldap ssl
Summary: Man page: wrong option for parameter ldap ssl
Alias: None
Product: Samba 4.1 and newer
Classification: Unclassified
Component: Documentation (show other bugs)
Version: 4.4.5
Hardware: All All
: P5 normal (vote)
Target Milestone: ---
Assignee: Karolin Seeger
QA Contact: Samba Documentation QA Contact~
Depends on:
Reported: 2016-07-15 10:18 UTC by Marc Muehlfeld
Modified: 2021-07-11 11:37 UTC (History)
2 users (show)

See Also:

Patch for master (1.59 KB, patch)
2016-07-16 18:16 UTC, Marc Muehlfeld
no flags Details
patch for 4.5 (1.71 KB, patch)
2016-08-05 07:12 UTC, Andreas Schneider
kseeger: review+
patch for 4.4 (1.71 KB, patch)
2016-08-05 07:13 UTC, Andreas Schneider
kseeger: review+

Note You need to log in before you can comment on or make changes to this bug.
Description Marc Muehlfeld 2016-07-15 10:18:36 UTC
The "ldap ssl" description for smb.conf is incorrectly defined.  It says "set ldap ssl = yes", but the code only defines "off" and "start tls" as valid options.

Here is the extract of the description:
 Please note that this parameter does only affect rpc methods. To enable the LDAPv3 StartTLS extended operation (RFC2830) for ads, set
       ldap ssl = yesandldap ssl ads = yes. 

Here is a snip of the source code.
$ grep -A1 "LDAP SSL" source3/include/smb.h
   /* LDAP SSL options */
    enum ldap_ssl_types {LDAP_SSL_OFF, LDAP_SSL_START_TLS};
Comment 1 Marc Muehlfeld 2016-07-16 18:16:35 UTC
Created attachment 12272 [details]
Patch for master
Comment 2 Andreas Schneider 2016-08-05 07:12:59 UTC
Created attachment 12314 [details]
patch for 4.5
Comment 3 Andreas Schneider 2016-08-05 07:13:19 UTC
Created attachment 12315 [details]
patch for 4.4
Comment 4 Karolin Seeger 2016-08-05 08:00:38 UTC
Pushed to autobuild-v4-[5|4]-test.
Comment 5 Karolin Seeger 2016-08-11 08:30:41 UTC
(In reply to Karolin Seeger from comment #4)
Pushed to both branches.
Closing out bug report.