diff options
-rw-r--r-- | WHATSNEW.txt | 5 | ||||
-rw-r--r-- | selftest/knownfail.d/net_ads_tls | 1 | ||||
-rwxr-xr-x | source3/libads/ldap.c | 4 |
3 files changed, 9 insertions, 1 deletions
diff --git a/WHATSNEW.txt b/WHATSNEW.txt index 219afb712c8..e7b46a7b159 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -22,6 +22,11 @@ The "ldap ssl ads" option no longer depends on "ldap ssl" option: With this release, the "ldap ssl ads" can be set to "yes" even if "ldap ssl" is off. +The "ldap ssl ads" no longer requires sasl-wrapping to be set to plain: +----------------------------------------------------------------------- +This is now done implicitly when over TLS, so "client ldap sasl wrapping" +does not need to be set to "plain" in order for it to work. + REMOVED FEATURES ================ diff --git a/selftest/knownfail.d/net_ads_tls b/selftest/knownfail.d/net_ads_tls deleted file mode 100644 index 251c948b6a9..00000000000 --- a/selftest/knownfail.d/net_ads_tls +++ /dev/null @@ -1 +0,0 @@ -^samba4.blackbox.net_ads_tls diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c index 099a6a2ee1d..1ffe96d32c9 100755 --- a/source3/libads/ldap.c +++ b/source3/libads/ldap.c @@ -707,6 +707,10 @@ got_connection: if (!ADS_ERR_OK(status)) { goto out; } + if (!ads_set_sasl_wrap_flags(ads, 0)) { + status = ADS_ERROR(LDAP_OPERATIONS_ERROR); + goto out; + } } /* fill in the current time and offsets */ |