Re: [Samba] TLS ca/cert/key creation
- Date: Thu, 3 Jan 2019 16:23:43 +0000
- From: Rowland Penny via samba <samba@xxxxxxxxxxxxxxx>
- Subject: Re: [Samba] TLS ca/cert/key creation
On Thu, 3 Jan 2019 08:10:30 -0800
Gregory Sloop via samba <samba@xxxxxxxxxxxxxxx> wrote:
> Really Rowland?
> As quoted:
> >> I believe I need to examine TLS since when I set "ldap server
> >> require strong auth = allow_sasl_over_tls" or "ldap server require
> >> strong auth = yes" user and group queries fail.
> This is OBVIOUSLY using LDAP and TLS.
I am not arguing that.
> If this was via NTLM/Kerberos, the above setting wouldn't make the
> slightest difference.
> But all that aside - the key question is: [Again, lets quit arguing
> if this is TLS/LDAP or Kerberos.]
> *** How do I get visability into the TLS negotiation so I can figure
> out what's wrong with my ca/certs/keys.
I will send you some notes I made when testing LDAP searches via
SSL/TLS, perhaps these will help.
To unsubscribe from this list go to the following URL and read the