More debug info about LDAP?

rickan rickan2000 at gmail.com
Wed Mar 21 17:23:56 CET 2007


Hi guys,

I am trying to establish a secure connection between freeradius and a Novell
eDirectory LDAP server. After configuring LDAP in radiusd.conf it seemed to
work, almost:

rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: attempting LDAP reconnection
rlm_ldap: (re)connect to 192.168.1.5:636, authentication 0
rlm_ldap: setting TLS mode to 1
rlm_ldap: setting TLS CACert File to /usr/local/etc/raddb/ldap_ca_cert.pem
rlm_ldap: setting TLS Require Cert to demand
rlm_ldap: starting TLS
rlm_ldap: ldap_start_tls_s()
rlm_ldap: could not start TLS Operations error
rlm_ldap: (re)connection attempt failed

Because I don't know how to get logs from the eDirectory side, I recorded
the traffic between both hosts and saw that the TLS handshake had been done,
both machines had exchanged cipher key and begun to send data. After 3 or 4
packets the LDAP server sent an "encrypted alert" and disconnected. Since
these data are encrypted I could not see what happened indeed.

My question: is it possible to get more debug info from the freeradius side?
If yes, how?

Thanks,

Rickan