The "ldap ssl" description for smb.conf is incorrectly defined. It says "set ldap ssl = yes", but the code only defines "off" and "start tls" as valid options. Here is the extract of the description: " Please note that this parameter does only affect rpc methods. To enable the LDAPv3 StartTLS extended operation (RFC2830) for ads, set ldap ssl = yesandldap ssl ads = yes. " Here is a snip of the source code. $ grep -A1 "LDAP SSL" source3/include/smb.h /* LDAP SSL options */ enum ldap_ssl_types {LDAP_SSL_OFF, LDAP_SSL_START_TLS};
Created attachment 12272 [details] Patch for master
Created attachment 12314 [details] patch for 4.5
Created attachment 12315 [details] patch for 4.4
Pushed to autobuild-v4-[5|4]-test.
(In reply to Karolin Seeger from comment #4) Pushed to both branches. Closing out bug report. Thanks!