summaryrefslogtreecommitdiff
path: root/docs-xml/smbdotconf
diff options
context:
space:
mode:
authorKarolin Seeger <kseeger@samba.org>2008-12-17 16:18:38 +0100
committerKarolin Seeger <kseeger@samba.org>2008-12-17 16:31:06 +0100
commit580461629bb88ce3b61770e7abfe2c942a121877 (patch)
tree22c64c5e403a4ffa164910560b8986001e70f14f /docs-xml/smbdotconf
parent9458d4be87f50abbaf0350bf5e3a968ae5fbeba5 (diff)
downloadsamba-580461629bb88ce3b61770e7abfe2c942a121877.tar.gz
samba-580461629bb88ce3b61770e7abfe2c942a121877.tar.bz2
samba-580461629bb88ce3b61770e7abfe2c942a121877.zip
docs: Update section "ldap ssl" in man smb.conf.
Remove non-existent value "on". Change default value to "no". Add hint about ldaps. Karolin
Diffstat (limited to 'docs-xml/smbdotconf')
-rw-r--r--docs-xml/smbdotconf/ldap/ldapssl.xml19
1 files changed, 8 insertions, 11 deletions
diff --git a/docs-xml/smbdotconf/ldap/ldapssl.xml b/docs-xml/smbdotconf/ldap/ldapssl.xml
index 383a545ae2..d785071ec4 100644
--- a/docs-xml/smbdotconf/ldap/ldapssl.xml
+++ b/docs-xml/smbdotconf/ldap/ldapssl.xml
@@ -12,8 +12,14 @@
<filename moreinfo="none">configure</filename>
script.</para>
+ <para>LDAP connections should be secured where possible. This may be
+ done setting either this parameter to
+ <parameter moreinfo="none">Start_tls</parameter>
+ or by specifying <parameter moreinfo="none">ldaps://</parameter> in
+ the URL argument of <smbconfoption name="passdb backend"/>.</para>
+
<para>The <smbconfoption name="ldap ssl"/> can be set to one of
- three values:</para>
+ two values:</para>
<itemizedlist>
<listitem>
<para><parameter moreinfo="none">Off</parameter> = Never
@@ -25,16 +31,7 @@
the LDAPv3 StartTLS extended operation (RFC2830) for
communicating with the directory server.</para>
</listitem>
-
- <listitem>
- <para><parameter moreinfo="none">On</parameter> = Use SSL
- on the ldaps port when contacting the <parameter>
- moreinfo="none">ldap server</parameter>. Only available when the
- backwards-compatiblity <command>
- moreinfo="none">--with-ldapsam</command> option is specified
- to configure. See <smbconfoption name="passdb backend"/></para>.
- </listitem>
</itemizedlist>
</description>
-<value type="default">start_tls</value>
+<value type="default">no</value>
</samba:parameter>