diff options
| author | Jelmer Vernooij <jelmer@samba.org> | 2008-12-19 21:47:45 +0100 |
|---|---|---|
| committer | Jelmer Vernooij <jelmer@samba.org> | 2008-12-19 21:47:45 +0100 |
| commit | 5076c64d43c68a028ac944c336715b4cb277365f (patch) | |
| tree | e88fc16979b75b5b30377e84b76ebb1b87e01591 /docs-xml/smbdotconf | |
| parent | 6998ef4fe021ebf40f63c2191d3259888a8ad7f4 (diff) | |
| parent | 13eefa7c435cb5ac656f662c78260a82caf43180 (diff) | |
| download | samba-5076c64d43c68a028ac944c336715b4cb277365f.tar.gz samba-5076c64d43c68a028ac944c336715b4cb277365f.tar.bz2 samba-5076c64d43c68a028ac944c336715b4cb277365f.zip | |
Merge branch 'master' of ssh://git.samba.org/data/git/samba
Diffstat (limited to 'docs-xml/smbdotconf')
| -rw-r--r-- | docs-xml/smbdotconf/ldap/ldapssl.xml | 37 | ||||
| -rw-r--r-- | docs-xml/smbdotconf/ldap/ldaptimeout.xml | 4 |
2 files changed, 19 insertions, 22 deletions
diff --git a/docs-xml/smbdotconf/ldap/ldapssl.xml b/docs-xml/smbdotconf/ldap/ldapssl.xml index 39ed08fe82..d785071ec4 100644 --- a/docs-xml/smbdotconf/ldap/ldapssl.xml +++ b/docs-xml/smbdotconf/ldap/ldapssl.xml @@ -3,36 +3,35 @@ type="enum" advanced="1" developer="1" xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> - <description> +<description> <para>This option is used to define whether or not Samba should use SSL when connecting to the ldap server This is <emphasis>NOT</emphasis> related to - Samba's previous SSL support which was enabled by specifying the - <command moreinfo="none">--with-ssl</command> option to the <filename moreinfo="none">configure</filename> + Samba's previous SSL support which was enabled by specifying the + <command moreinfo="none">--with-ssl</command> option to the + <filename moreinfo="none">configure</filename> script.</para> - -<para>The <smbconfoption name="ldap ssl"/> can be set to one of three values:</para> + + <para>LDAP connections should be secured where possible. This may be + done setting either this parameter to + <parameter moreinfo="none">Start_tls</parameter> + or by specifying <parameter moreinfo="none">ldaps://</parameter> in + the URL argument of <smbconfoption name="passdb backend"/>.</para> + + <para>The <smbconfoption name="ldap ssl"/> can be set to one of + two values:</para> <itemizedlist> <listitem> - <para><parameter moreinfo="none">Off</parameter> = Never + <para><parameter moreinfo="none">Off</parameter> = Never use SSL when querying the directory.</para> </listitem> <listitem> - <para><parameter moreinfo="none">Start_tls</parameter> = Use - the LDAPv3 StartTLS extended operation (RFC2830) for + <para><parameter moreinfo="none">Start_tls</parameter> = Use + the LDAPv3 StartTLS extended operation (RFC2830) for communicating with the directory server.</para> </listitem> - - <listitem> - <para><parameter moreinfo="none">On</parameter> = Use SSL - on the ldaps port when contacting the <parameter - moreinfo="none">ldap server</parameter>. Only available when the - backwards-compatiblity <command - moreinfo="none">--with-ldapsam</command> option is specified - to configure. See <smbconfoption name="passdb backend"/></para>. - </listitem> - </itemizedlist> + </itemizedlist> </description> -<value type="default">start_tls</value> +<value type="default">no</value> </samba:parameter> diff --git a/docs-xml/smbdotconf/ldap/ldaptimeout.xml b/docs-xml/smbdotconf/ldap/ldaptimeout.xml index 9c34ac8bec..5bc2699d00 100644 --- a/docs-xml/smbdotconf/ldap/ldaptimeout.xml +++ b/docs-xml/smbdotconf/ldap/ldaptimeout.xml @@ -5,9 +5,7 @@ xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> <description> <para> - When Samba connects to an ldap server that server may be down or unreachable. To prevent Samba from hanging whilst - waiting for the connection this parameter specifies in seconds how long Samba should wait before failing the - connect. The default is to only wait fifteen seconds for the ldap server to respond to the connect request. + This parameter defines the number of seconds that Samba should use as timeout for LDAP operations. </para> </description> <value type="default">15</value> |