summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/include/proto.h1
-rw-r--r--source3/libads/ldap.c2
-rw-r--r--source3/param/loadparm.c12
3 files changed, 14 insertions, 1 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 53781563df..267ee74482 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -3985,6 +3985,7 @@ bool lp_passdb_expand_explicit(void);
char *lp_ldap_suffix(void);
char *lp_ldap_admin_dn(void);
int lp_ldap_ssl(void);
+bool lp_ldap_ssl_ads(void);
int lp_ldap_passwd_sync(void);
bool lp_ldap_delete_dn(void);
int lp_ldap_replication_sleep(void);
diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c
index bb2b58e237..edbd69392c 100644
--- a/source3/libads/ldap.c
+++ b/source3/libads/ldap.c
@@ -672,7 +672,7 @@ got_connection:
ldap_set_option(ads->ldap.ld, LDAP_OPT_PROTOCOL_VERSION, &version);
- if (lp_parm_bool(-1, "ldap ssl", "ads", false)) {
+ if ( lp_ldap_ssl_ads() ) {
status = ADS_ERROR(smb_ldap_start_tls(ads->ldap.ld, version));
if (!ADS_ERR_OK(status)) {
goto out;
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index d672b372cf..bc7d9974f4 100644
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -250,6 +250,7 @@ struct global {
char *szLdapIdmapSuffix;
char *szLdapGroupSuffix;
int ldap_ssl;
+ bool ldap_ssl_ads;
char *szLdapSuffix;
char *szLdapAdminDn;
int ldap_debug_level;
@@ -3611,6 +3612,15 @@ static struct parm_struct parm_table[] = {
.flags = FLAG_ADVANCED,
},
{
+ .label = "ldap ssl ads",
+ .type = P_BOOL,
+ .p_class = P_GLOBAL,
+ .ptr = &Globals.ldap_ssl_ads,
+ .special = NULL,
+ .enum_list = NULL,
+ .flags = FLAG_ADVANCED,
+ },
+ {
.label = "ldap timeout",
.type = P_INTEGER,
.p_class = P_GLOBAL,
@@ -4922,6 +4932,7 @@ static void init_globals(bool first_time_only)
string_set(&Globals.szLdapAdminDn, "");
Globals.ldap_ssl = LDAP_SSL_START_TLS;
+ Globals.ldap_ssl_ads = False;
Globals.ldap_passwd_sync = LDAP_PASSWD_SYNC_OFF;
Globals.ldap_delete_dn = False;
Globals.ldap_replication_sleep = 1000; /* wait 1 sec for replication */
@@ -5266,6 +5277,7 @@ FN_GLOBAL_BOOL(lp_passdb_expand_explicit, &Globals.bPassdbExpandExplicit)
FN_GLOBAL_STRING(lp_ldap_suffix, &Globals.szLdapSuffix)
FN_GLOBAL_STRING(lp_ldap_admin_dn, &Globals.szLdapAdminDn)
FN_GLOBAL_INTEGER(lp_ldap_ssl, &Globals.ldap_ssl)
+FN_GLOBAL_BOOL(lp_ldap_ssl_ads, &Globals.ldap_ssl_ads)
FN_GLOBAL_INTEGER(lp_ldap_passwd_sync, &Globals.ldap_passwd_sync)
FN_GLOBAL_BOOL(lp_ldap_delete_dn, &Globals.ldap_delete_dn)
FN_GLOBAL_INTEGER(lp_ldap_replication_sleep, &Globals.ldap_replication_sleep)