hi, first of all - I am very sorry if this topic turned up in the mailing list before - I really did have a look at the archive and couldn't find anything like it.
Here's the problem. I set up an idmapping using the rid facility. It is working smoothly. I do have a question though. I logged some packets and realized the ldap queries are not encrypted. I wonder why since all the requiremens for a successful encryption are given. I do have a computer account in the Active Directory.. I can see a TGS-REQ and TGS-REP is fine too. In fact ldap even asks for available SASL mechanisms. After some negotiation it _successfully_ binds using GSS SPNEGO. But.. even after this successfully established encrypted bind it keeps querying in plain text. Is there anything I can do about it? For testing purposes I set "sasl_mech gssapi" in my ldap.conf but that didn't have any impact at all. regards, Roman -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba