LDAP Result Code 8 "Strong Auth Required": BindSimple: Transport encryption required

The commands by @giacomo need a little fix:

  mkdir -p /etc/e-smith/templates-custom/var/lib/machines/nsdc/etc/samba/smb.conf.include/ 
- echo "ldap server require strong auth = no" > 20notls
+ echo "ldap server require strong auth = no" > /etc/e-smith/templates-custom/var/lib/machines/nsdc/etc/samba/smb.conf.include/20notls
  expand-template /var/lib/machines/nsdc/etc/samba/smb.conf.include
  systemctl restart nsdc

Instead of creating a template-custom, you could try to edit the [global] section of /var/lib/machines/nsdc/etc/samba/smb.conf and add the following directive:

ldap server require strong auth = no

Then restart the nsdc Samba instance:

systemctl reload nsdc

They probably allow clear text passwords by default. I’d prefer to provide a safe default setting.

4 Likes