diff options
-rw-r--r-- | source3/include/proto.h | 1 | ||||
-rw-r--r-- | source3/libads/ldap.c | 2 | ||||
-rw-r--r-- | source3/param/loadparm.c | 12 |
3 files changed, 14 insertions, 1 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h index 53781563df..267ee74482 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -3985,6 +3985,7 @@ bool lp_passdb_expand_explicit(void); char *lp_ldap_suffix(void); char *lp_ldap_admin_dn(void); int lp_ldap_ssl(void); +bool lp_ldap_ssl_ads(void); int lp_ldap_passwd_sync(void); bool lp_ldap_delete_dn(void); int lp_ldap_replication_sleep(void); diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c index bb2b58e237..edbd69392c 100644 --- a/source3/libads/ldap.c +++ b/source3/libads/ldap.c @@ -672,7 +672,7 @@ got_connection: ldap_set_option(ads->ldap.ld, LDAP_OPT_PROTOCOL_VERSION, &version); - if (lp_parm_bool(-1, "ldap ssl", "ads", false)) { + if ( lp_ldap_ssl_ads() ) { status = ADS_ERROR(smb_ldap_start_tls(ads->ldap.ld, version)); if (!ADS_ERR_OK(status)) { goto out; diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index d672b372cf..bc7d9974f4 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -250,6 +250,7 @@ struct global { char *szLdapIdmapSuffix; char *szLdapGroupSuffix; int ldap_ssl; + bool ldap_ssl_ads; char *szLdapSuffix; char *szLdapAdminDn; int ldap_debug_level; @@ -3611,6 +3612,15 @@ static struct parm_struct parm_table[] = { .flags = FLAG_ADVANCED, }, { + .label = "ldap ssl ads", + .type = P_BOOL, + .p_class = P_GLOBAL, + .ptr = &Globals.ldap_ssl_ads, + .special = NULL, + .enum_list = NULL, + .flags = FLAG_ADVANCED, + }, + { .label = "ldap timeout", .type = P_INTEGER, .p_class = P_GLOBAL, @@ -4922,6 +4932,7 @@ static void init_globals(bool first_time_only) string_set(&Globals.szLdapAdminDn, ""); Globals.ldap_ssl = LDAP_SSL_START_TLS; + Globals.ldap_ssl_ads = False; Globals.ldap_passwd_sync = LDAP_PASSWD_SYNC_OFF; Globals.ldap_delete_dn = False; Globals.ldap_replication_sleep = 1000; /* wait 1 sec for replication */ @@ -5266,6 +5277,7 @@ FN_GLOBAL_BOOL(lp_passdb_expand_explicit, &Globals.bPassdbExpandExplicit) FN_GLOBAL_STRING(lp_ldap_suffix, &Globals.szLdapSuffix) FN_GLOBAL_STRING(lp_ldap_admin_dn, &Globals.szLdapAdminDn) FN_GLOBAL_INTEGER(lp_ldap_ssl, &Globals.ldap_ssl) +FN_GLOBAL_BOOL(lp_ldap_ssl_ads, &Globals.ldap_ssl_ads) FN_GLOBAL_INTEGER(lp_ldap_passwd_sync, &Globals.ldap_passwd_sync) FN_GLOBAL_BOOL(lp_ldap_delete_dn, &Globals.ldap_delete_dn) FN_GLOBAL_INTEGER(lp_ldap_replication_sleep, &Globals.ldap_replication_sleep) |