In smb.conf(5): The default value of "ldap ssl" is start_tls, but actually the default value is "On" . Indeed in source/param/loadparm.c: ----- Globals.ldap_ssl = LDAP_SSL_ON; -----
Actually, the default is "" as LDAP_SSL_ON is not defined at all. We will have a look at this one...
I removed "ldap ssl = on" completely as ldaps is realized with ldaps URLs in the "passdb backend" meanwhile. The default has been changed to "ldap ssl = no" which does not change the default behaviour, but a more sensible value. The manpage has been updated accordingly. Closing out bug report. Thanks for reporting!
Thanks! I will check when later version is released. I found this bug occurred when Samba 3.0.23 was released.