From owner-freebsd-questions@FreeBSD.ORG  Mon Jul 20 05:41:57 2009
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id C5376106564A
	for <freebsd-questions@freebsd.org>;
	Mon, 20 Jul 2009 05:41:57 +0000 (UTC) (envelope-from on@cs.ait.ac.th)
Received: from mail.cs.ait.ac.th (mail.cs.ait.ac.th [192.41.170.16])
	by mx1.freebsd.org (Postfix) with ESMTP id 3C53F8FC1E
	for <freebsd-questions@freebsd.org>;
	Mon, 20 Jul 2009 05:41:56 +0000 (UTC) (envelope-from on@cs.ait.ac.th)
Received: from banyan.cs.ait.ac.th (banyan.cs.ait.ac.th [192.41.170.5])
	by mail.cs.ait.ac.th (8.13.1/8.13.1) with ESMTP id n6K5fPMl092159
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO);
	Mon, 20 Jul 2009 12:41:25 +0700 (ICT) (envelope-from on@cs.ait.ac.th)
Received: (from on@localhost)
	by banyan.cs.ait.ac.th (8.14.3/8.14.3/Submit) id n6K5fkYU096634;
	Mon, 20 Jul 2009 12:41:46 +0700 (ICT) (envelope-from on)
Date: Mon, 20 Jul 2009 12:41:46 +0700 (ICT)
Message-Id: <200907200541.n6K5fkYU096634@banyan.cs.ait.ac.th>
From: Olivier Nicole <on@cs.ait.ac.th>
To: ruel.freebsd@gmail.com
In-reply-to: <ee9dc2b40907192237x3c65b9cy11ce9ba5f8687891@mail.gmail.com>
	(message from Ruel Luchavez on Mon, 20 Jul 2009 13:37:12 +0800)
References: <ee9dc2b40907171829r5afbc885u1f84b2054ff4f5e5@mail.gmail.com>
	<200907180207.n6I27ZDQ071155@banyan.cs.ait.ac.th>
	<ee9dc2b40907171917k1089ea27n22d0b9621c083b7@mail.gmail.com>
	<200907180225.n6I2PaES071268@banyan.cs.ait.ac.th>
	<ee9dc2b40907172002l1111749emcc77f3331434ac54@mail.gmail.com>
	<200907180311.n6I3B063071564@banyan.cs.ait.ac.th>
	<ee9dc2b40907172025y3eb04041x8ecb28b099c8845c@mail.gmail.com>
	<200907180343.n6I3hrCR071833@banyan.cs.ait.ac.th>
	<ee9dc2b40907172153h674fe2a9ua2a33be3d6054086@mail.gmail.com>
	<20090719112802.GA77843@ei.bzerk.org>
	<ee9dc2b40907192237x3c65b9cy11ce9ba5f8687891@mail.gmail.com>
X-Virus-Scanned: on CSIM by amavisd-milter (http://www.amavis.org/)
Cc: mail25@bzerk.org, ruel.freebsd@gmail.com, freebsd-questions@freebsd.org
Subject: Re: Samba PDC with LDAP backend
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 20 Jul 2009 05:41:58 -0000

Rhuel,

In your starting command you have:

> ldaps://192.168.5.0/ ldap://127.0.0.1/"'

This means TLS/SSL. If you don't want it, remove it from your command.

> Is it necessary to have ssl/tls support?

It is up to you. TLS/SSL will bring some extra security. It may be
important if the network between your LDAP and your samba servers is
unsecure.

Bests,

Olivier