This has been discussed on samba-technical before.
3.3 and newer only!
Karolin
</listitem>
<listitem>
- <para><parameter moreinfo="none">Start_tls</parameter> = Use
+ <para><parameter moreinfo="none">start tls</parameter> = Use
the LDAPv3 StartTLS extended operation (RFC2830) for
communicating with the directory server.</para>
</listitem>
</itemizedlist>
</description>
-<value type="default">no</value>
+<value type="default">start tls</value>
</samba:parameter>
string_set(&Globals.szLdapIdmapSuffix, "");
string_set(&Globals.szLdapAdminDn, "");
- Globals.ldap_ssl = LDAP_SSL_OFF;
+ Globals.ldap_ssl = LDAP_SSL_START_TLS;
Globals.ldap_passwd_sync = LDAP_PASSWD_SYNC_OFF;
Globals.ldap_delete_dn = False;
Globals.ldap_replication_sleep = 1000; /* wait 1 sec for replication */