Remove depracated "ldap ssl ads" smb.conf option

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14462

Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Isaac Boukris <iboukris@samba.org>
Autobuild-Date(master): Tue Aug 11 10:53:05 UTC 2020 on sn-devel-184

WHATSNEW.txt

@@ -17,17 +17,6 @@ NEW FEATURES/CHANGES
 ====================
 
 
-The "ldap ssl ads" option no longer depends on "ldap ssl" option:
------------------------------------------------------------------
-With this release, the "ldap ssl ads" can be set to "yes" even if "ldap ssl"
-is off.
-
-The "ldap ssl ads" no longer requires sasl-wrapping to be set to plain:
------------------------------------------------------------------------
-This is now done implicitly when over TLS, so "client ldap sasl wrapping"
-does not need to be set to "plain" in order for it to work.
-
-
 CTDB CHANGES
 ============
 
@@ -44,12 +33,14 @@ CTDB CHANGES
 REMOVED FEATURES
 ================
 
+The deprecated "ldap ssl ads" smb.conf option has been removed.
 
 smb.conf changes
 ================
 
   Parameter Name                     Description                Default
   --------------                     -----------                -------
+  ldap ssl ads                       removed
 
 
 

docs-xml/smbdotconf/ldap/ldapsslads.xml

@@ -1,18 +0,0 @@
-<samba:parameter name="ldap ssl ads"
-                 context="G"
-                 type="boolean"
-		 deprecated="1"
-                 xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
-<description>
-	<para>This option is used to define whether or not Samba should
-	use SSL when connecting to the ldap server using
-	<emphasis>ads</emphasis> methods.
-	Rpc methods are not affected by this parameter.
-	</para>
-
-	<para>See also <smbconfoption name="ldap ssl"/>.
-	</para>
-
-</description>
-<value type="default">no</value>
-</samba:parameter>

source3/libads/ldap.c

@@ -704,17 +704,6 @@ got_connection:
 
 	ldap_set_option(ads->ldap.ld, LDAP_OPT_PROTOCOL_VERSION, &version);
 
-	if ( lp_ldap_ssl_ads() ) {
-		status = ADS_ERROR(smbldap_start_tls_start(ads->ldap.ld, version));
-		if (!ADS_ERR_OK(status)) {
-			goto out;
-		}
-		if (!ads_set_sasl_wrap_flags(ads, 0)) {
-			status = ADS_ERROR(LDAP_OPERATIONS_ERROR);
-			goto out;
-		}
-	}
-
 	/* fill in the current time and offsets */
 
 	status = ads_current_time( ads );

source3/param/loadparm.c

@@ -740,7 +740,6 @@ static void init_globals(struct loadparm_context *lp_ctx, bool reinit_globals)
 
 	lpcfg_string_set(Globals.ctx, &Globals.ldap_admin_dn, "");
 	Globals.ldap_ssl = LDAP_SSL_START_TLS;
-	Globals.ldap_ssl_ads = false;
 	Globals.ldap_deref = -1;
 	Globals.ldap_passwd_sync = LDAP_PASSWD_SYNC_OFF;
 	Globals.ldap_delete_dn = false;