Steve You only need one of these:
ldap_debug = 0xFFFF ldap_debug = 0x0001 ldap_debug = 0x0028 The 0xFFFF covers all the others. I have no other special TLS debug set - I just set it to 0x0001 normally, and 0xFFFF when more detail is needed, but TLS debug is available on either, IIRC. Also, only one of the other two is required: tls_cacertfile = /usr/local/etc/openldap/cacertder.pem tls_cacertdir = /usr/local/etc/openldap/demoCA The above are conflicting as the cert file is not in the demoCA directory indicated. Tarun -----Original Message----- From: Steve OBrien [mailto:[EMAIL PROTECTED] Sent: Wednesday, 24 March 2004 2:56 AM To: [EMAIL PROTECTED] Subject: RE: Using freeradius to authenticate users to a Windows 2000 AD Hmm, I don't get any TLS TRACE messages in my debug. Do we have the same debug tls settings? ldap_debug = 0xFFFF ldap_debug = 0x0001 ldap_debug = 0x0028 start_tls = no tls_cacertfile = /usr/local/etc/openldap/cacertder.pem tls_cacertdir = /usr/local/etc/openldap/demoCA #tls_mode = no NOTICE This e-mail and any attachments are confidential and may contain copyright material of Macquarie Bank or third parties. If you are not the intended recipient of this email you should not read, print, re-transmit, store or act in reliance on this e-mail or any attachments, and should destroy all copies of them. Macquarie Bank does not guarantee the integrity of any emails or any attached files. The views or opinions expressed are the author's own and may not reflect the views or opinions of Macquarie Bank. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
