More debug info about LDAP?

Brad Lachel stuff at
Tue Oct 2 21:43:51 CEST 2007

I am having this same issue.  Did you ever find/get a solution?

On Mar 21, 2007, at 11:23 AM, rickan wrote:

> Hi guys,
> I am trying to establish a secure connection between freeradius and  
> a Novell eDirectory LDAP server. After configuring LDAP in  
> radiusd.conf it seemed to work, almost:
> rlm_ldap: ldap_get_conn: Checking Id: 0
> rlm_ldap: ldap_get_conn: Got Id: 0
> rlm_ldap: attempting LDAP reconnection
> rlm_ldap: (re)connect to, authentication 0
> rlm_ldap: setting TLS mode to 1
> rlm_ldap: setting TLS CACert File to /usr/local/etc/raddb/ 
> ldap_ca_cert.pem
> rlm_ldap: setting TLS Require Cert to demand
> rlm_ldap: starting TLS
> rlm_ldap: ldap_start_tls_s()
> rlm_ldap: could not start TLS Operations error
> rlm_ldap: (re)connection attempt failed
> Because I don't know how to get logs from the eDirectory side, I  
> recorded the traffic between both hosts and saw that the TLS  
> handshake had been done, both mashines had exchanged cipher key and  
> begun to send data. After 3 or 4 packets the LDAP server sent a  
> "encrypted alert" and disconnected. Since these data are encrypted  
> I could not see what happened indeed.
> My question: is it possible to get more debug info from the  
> freeradius side? If yes, how?
> Thanks,
> Rickan
> -
> List info/subscribe/unsubscribe? See 
> users.html

Brad Lachel
stuff at

All e-mail to and from this address is subject to the Acceptable Use Policies of Community High School District #155. All e-mail may be monitored and/or disclosed to third parties. Any views or opinions presented in an e-mail are solely those of the author and may not represent those of Community High School District #155.

Community High School District #155
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the Freeradius-Users mailing list