ldap ssl

This option is used to define whether or not Samba should use SSL when connecting to the ldap server This is NOT related to Samba's previous SSL support which was enabled by specifying the --with-ssl option to the configure script.
LDAP connections should be secured where possible. This may be done setting either this parameter to start tls or by specifying ldaps:// in
the URL argument of .
The can be set to one of two values: Off = Never use SSL when querying the directory.
start tls = Use the LDAPv3 StartTLS extended operation (RFC2830) for communicating with the directory server. Please note that this parameter does only affect rpc methods. To enable the LDAPv3 StartTLS extended operation (RFC2830) for ads, set start tls and yes. See smb.conf5 for more information on .

Supported on: At least Microsoft Windows 7 or Windows Server 2008 family

ldap ssl

Registry HiveHKEY_LOCAL_MACHINE
Registry PathSoftware\Policies\Samba\smb_conf\ldap ssl
Value Nameldap ssl
Value TypeREG_SZ
Default Valuestart tls

samba.admx

Administrative Templates (Computers)