Enabling LDAP over TLS on the CIFS server

Before your CIFS server can use TLS for secure communication with an Active Directory LDAP server, you must modify the CIFS server security settings to enable LDAP over TLS.

Procedure

  1. Configure the CIFS server security setting that allows secure LDAP communication with Active Directory LDAP servers:
     vserver cifs security modify -vserver vserver_name -use-start-tls-for-ad-ldap true
  2. Verify that the LDAP over TLS security setting is set to true:
     vserver cifs security show -vserver vserver_name
    Note: If the SVM uses the same LDAP server for querying name-mapping or other UNIX information (such as users, groups, and netgroups), then you must also modify the -use-start-tls option by using the vserver services name-service ldap client modify command.
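
The option name refers to the LDAP StartTLS extended operation (RFC 4511, section 4.14): the client asks for TLS on the plain LDAP port and the server must answer with resultCode 0 before the handshake starts. The following is an added example, not NetApp code, that builds that request and decodes the reply. The function names are hypothetical, the sample responses are constructed, and probe() assumes the Active Directory LDAP server listens on port 389.

```python
import socket, ssl

STARTTLS_OID = b"1.3.6.1.4.1.1466.20037"   # StartTLS requestName (RFC 4511)

def tlv(tag, value):
    """Encode one BER element; every value built here is under 128 bytes."""
    return bytes([tag, len(value)]) + value

def build_starttls_request(message_id=1):
    """LDAPMessage { messageID, ExtendedRequest [APPLICATION 23] { requestName [0] } }"""
    return tlv(0x30, tlv(0x02, bytes([message_id])) + tlv(0x77, tlv(0x80, STARTTLS_OID)))

def read_tlv(buf, pos):
    """Decode the short-form element at pos; return (tag, value, next_pos)."""
    if pos + 2 > len(buf) or buf[pos + 1] & 0x80 or pos + 2 + buf[pos + 1] > len(buf):
        raise ValueError("truncated or unexpected BER element")
    end = pos + 2 + buf[pos + 1]
    return buf[pos], buf[pos + 2:end], end

def parse_starttls_response(data):
    """Return (resultCode, diagnosticMessage) from an ExtendedResponse."""
    tag, msg, _ = read_tlv(data, 0)
    if tag != 0x30:
        raise ValueError("not an LDAPMessage")
    _, _, pos = read_tlv(msg, 0)                 # messageID
    tag, ext, _ = read_tlv(msg, pos)
    if tag != 0x78:                              # [APPLICATION 24] ExtendedResponse
        raise ValueError("not an ExtendedResponse")
    tag, code, pos = read_tlv(ext, 0)            # resultCode ENUMERATED
    if tag != 0x0A or len(code) != 1:
        raise ValueError("bad resultCode")
    _, _, pos = read_tlv(ext, pos)               # matchedDN
    _, diag, _ = read_tlv(ext, pos)              # diagnosticMessage
    return code[0], diag.decode("utf-8", "replace")

def probe(host, port=389, cafile=None):
    """Live check (never run on import): StartTLS, then a validating TLS handshake."""
    with socket.create_connection((host, port), timeout=5) as sock:
        sock.sendall(build_starttls_request())
        code, diag = parse_starttls_response(sock.recv(4096))
        if code != 0:                            # e.g. 2 protocolError, 52 unavailable
            raise RuntimeError(f"StartTLS refused: resultCode={code} {diag!r}")
        with ssl.create_default_context(cafile=cafile).wrap_socket(
                sock, server_hostname=host) as tls:
            return tls.version()

# Constructed sample responses (not captured from a real server).
OK_RESPONSE = bytes.fromhex("3024020101781f0a0100040004008a16") + STARTTLS_OID
REFUSED_RESPONSE = bytes.fromhex("300c02010178070a013404000400")
```

A resultCode other than 0 from the LDAP server means the TLS upgrade was not accepted, and a certificate error from probe() means the certificate chain did not validate against the CA file supplied.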