problem with freeradius and ldaps (Active Directory)

[Roberto S. G.]

Hi,

I'd like to thank you, Jose and Alan, for your information, and share my 
solution with u all:
I've finally installed stunnel in order to provide SSL to the connection 
with LDAPS. freeradius is configured to connect with LDAP locally, and 
stunnel takes this local connection and makes the SSL to the LDAPS 
server. It runs smoothly!.
I was unable to make freeradius 1.0.1 or 1.0.0 to run with LDAPS... no 
way... (it seemed that it didn't manage correctly LDAPS).

thanks.

 >From: Jose Tomas Ochayta <Jose.Ochayta at tirea.es>
 >Subject: Re: problem with freeradius and ldaps (Active Directory)

 >I'm using freeradius 1.0.2 with ldaps. I had the same problem 
(freeradius crash) due,
 >I think, to a bug in openldap or openssl libraries.
 >Now I have it working with stunnel to add the ssl layer.
 >Jose T.

 >>> Hi,
 >>>
 >>> I'm trying to configure freeradius (1.0.1) to use an ldaps server
 >>> (without start_tls, it's an Active Directory).
 >>> But I'm not able to obtain any response. In fact, the freeradius
 >>> crashes with just a:
 >>>
 >>> rad_recv: Access-Request packet from host xxx.xxx.xxx.xxx:1074, id=88,
 >>> length=29
 >>> Discarding duplicate request from client localhost:1074 - ID: 88
 >>>
 >>> (client is localhost because I was using radclient, but remote
 >>> attempts show the same behaviour).
 >>>
 >>> Normal ldap against the same server is correct. For the ldaps
 >>> configuration I've added just:
 >>> port = 636
 >>> tls_require_cert        = "never"
 >>>
 >>> though even with the server certificate:
 >>> tls_certfile    = ./certs/xxxx_cacert.pem
 >>>
 >>> the result is the same.
 >>> I don't know which is the problem exactly...
 >>>
 >>> Has anyone sucessfully configured freeradius against an Active
 >>> Directory with LDAPS?
 >>> Any ideas are apreciated.
 >>>
 >>> thanks.
 >>>
 >>>
 >>> - List info/subscribe/unsubscribe? See
 >>> http://www.freeradius.org/list/users.html
 >>>