summaryrefslogtreecommitdiff
path: root/docs-xml/smbdotconf/ldap/ldapssl.xml
diff options
context:
space:
mode:
authorKarolin Seeger <kseeger@samba.org>2009-02-06 09:41:21 +0100
committerKarolin Seeger <kseeger@samba.org>2009-02-06 09:42:55 +0100
commit61f1747441ff43c1d9c99bbf69e218c1984834c7 (patch)
tree5decd055be7bb21019dac9041538f6065519b22a /docs-xml/smbdotconf/ldap/ldapssl.xml
parent02f13538f00cc8368e3e5e8e510bac468c21089b (diff)
downloadsamba-61f1747441ff43c1d9c99bbf69e218c1984834c7.tar.gz
samba-61f1747441ff43c1d9c99bbf69e218c1984834c7.tar.bz2
samba-61f1747441ff43c1d9c99bbf69e218c1984834c7.zip
docs: Clarify "ldap ssl" description in man smb.conf.
Mention "ldap ssl ads". Karolin
Diffstat (limited to 'docs-xml/smbdotconf/ldap/ldapssl.xml')
-rw-r--r--docs-xml/smbdotconf/ldap/ldapssl.xml15
1 files changed, 13 insertions, 2 deletions
diff --git a/docs-xml/smbdotconf/ldap/ldapssl.xml b/docs-xml/smbdotconf/ldap/ldapssl.xml
index b2e953736b..fa7fea94d0 100644
--- a/docs-xml/smbdotconf/ldap/ldapssl.xml
+++ b/docs-xml/smbdotconf/ldap/ldapssl.xml
@@ -13,9 +13,9 @@
script.</para>
<para>LDAP connections should be secured where possible. This may be
- done setting either this parameter to
+ done setting <emphasis>either</emphasis> this parameter to
<parameter moreinfo="none">Start_tls</parameter>
- or by specifying <parameter moreinfo="none">ldaps://</parameter> in
+ <emphasis>or</emphasis> by specifying <parameter moreinfo="none">ldaps://</parameter> in
the URL argument of <smbconfoption name="passdb backend"/>.</para>
<para>The <smbconfoption name="ldap ssl"/> can be set to one of
@@ -32,6 +32,17 @@
communicating with the directory server.</para>
</listitem>
</itemizedlist>
+ <para>
+ Please note that this parameter does only affect <emphasis>rpc</emphasis>
+ methods. To enable the LDAPv3 StartTLS extended operation (RFC2830) for
+ <emphasis>ads</emphasis>, set
+ <smbconfoption name="ldap ssl">yes</smbconfoption>
+ <emphasis>and</emphasis>
+ <smbconfoption name="ldap ssl ads">yes</smbconfoption>.
+ See <refentrytitle>smb.conf</refentrytitle><manvolnum>5</manvolnum>
+ for more information on <smbconfoption name="ldap ssl ads"/>.
+ </para>
+
</description>
<value type="default">start tls</value>
</samba:parameter>