1 <samba:parameter name="ldap server require strong auth"
4 enumlist="enum_ldap_server_require_strong_auth_vals"
5 xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
8 The <smbconfoption name="ldap server require strong auth"/> defines whether
9 the ldap server requires ldap traffic to be signed or signed and encrypted (sealed).
10 Possible values are <emphasis>no</emphasis>, <emphasis>allow_sasl_over_tls</emphasis>
11 and <emphasis>yes</emphasis>.
14 <para>A value of <emphasis>no</emphasis> allows simple and sasl binds over
15 all transports.</para>
17 <para>A value of <emphasis>allow_sasl_over_tls</emphasis> allows simple and sasl binds
18 (without sign or seal) over TLS encrypted connections. Unencrypted connections only
19 allow sasl binds with sign or seal.</para>
21 <para>A value of <emphasis>yes</emphasis> allows only simple binds
22 over TLS encrypted connections. Unencrypted connections only
23 allow sasl binds with sign or seal.</para>
25 <value type="default">yes</value>