What struck me was that you need more attributes, but maybe I missed them:

-cacertfile
-certfile
-keyfile

   -Josiah


Sebastian Heil wrote:
...
I added the following lines to the ldap-section:
...
rlm_ldap: could not start TLS Can't contact LDAP server
  Maybe you need to check that there is an LDAP server listening on that
port?

  Alan DeKok.


Thanks for your fast answer, Alan.
But I am afraid this is not the solution... The LDAP server is listening and 
even responding to my LDAP request. I captured the communication between the 
freeradius and the edirectory with Ethereal:

Does anyone have any idea about the "Encrypted Alert" in no. 14? Thanks.

---------------------
No.     Time        Source                Destination           Protocol Info
      1 0.000000    radtestclient       freeradius          RADIUS   Access-Request(1) (id=74, l=58)

      3 0.000749    freeradius          edirectory          TCP      56302 > ldaps [SYN] Seq=0 Len=0 MSS=1460 TSV=445748676 TSER=0 WS=2

      5 0.012986    edirectory          freeradius          TCP      ldaps > 56302 [SYN, ACK] Seq=0 Ack=1 Win=4380 Len=0 MSS=1460 WS=0 TSV=3386151196 TSER=445748676

      6 0.013057    freeradius          edirectory          TCP      56302 > ldaps [ACK] Seq=1 Ack=1 Win=5840 Len=0 TSV=445748679 TSER=3386151196

      7 0.013639    freeradius          edirectory          SSLv2    Client Hello

      8 0.021887    edirectory          freeradius          TLSv1    Server Hello,

      9 0.022035    freeradius          edirectory          TCP      56302 > ldaps [ACK] Seq=143 Ack=1449 Win=8736 Len=0 TSV=445748682 TSER=3386151206

     10 0.030390    edirectory          freeradius          TLSv1    Certificate

     11 0.030550    freeradius          edirectory          TCP      56302 > ldaps [ACK] Seq=143 Ack=1946 Win=11632 Len=0 TSV=445748684 TSER=3386151215

     12 0.032263    freeradius          edirectory          TLSv1    Client Key Exchange, Change Cipher Spec, Encrypted Handshake Message

     13 0.048990    edirectory          freeradius          TLSv1    Change Cipher Spec, Encrypted Handshake Message

     14 0.049652    freeradius          edirectory          TLSv1    Encrypted Alert

     15 0.049923    freeradius          edirectory          TCP      56302 > ldaps [FIN, ACK] Seq=506 Ack=2005 Win=11632 Len=0 TSV=445748689 TSER=3386151237

     17 0.057441    edirectory          freeradius          TCP      ldaps > 56302 [ACK] Seq=2005 Ack=507 Win=4885 Len=0 TSV=3386151247 TSER=445748689

     18 0.057774    edirectory          freeradius          TLSv1    Encrypted Alert

     19 0.057807    freeradius          edirectory          TCP      56302 > ldaps [RST] Seq=507 Len=0

     20 0.057880    edirectory          freeradius          TCP      ldaps > 56302 [FIN, ACK] Seq=2042 Ack=507 Win=4885 Len=0 TSV=3386151247 TSER=445748689

     21 0.057903    freeradius          edirectory          TCP      56302 > ldaps [RST] Seq=507 Len=0



--
Wm. Josiah Erikson
Computing Support
School of Cognitive Science
Hampshire College
Amherst, MA 01002
(413) 559-6091

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
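
One way to read the capture quoted in this message, as an added example that is not part of the original thread: a small Python parser over the SSL/TLS rows that reports which endpoint sent the first alert and how far the handshake had progressed. The joined row layout and the names `parse` and `first_alert` are assumptions of this example.

```python
import re

# Constructed input: the SSL/TLS rows of the capture above, wrapped lines joined.
CAPTURE = """\
7 0.013639 freeradius edirectory SSLv2 Client Hello
8 0.021887 edirectory freeradius TLSv1 Server Hello,
10 0.030390 edirectory freeradius TLSv1 Certificate
12 0.032263 freeradius edirectory TLSv1 Client Key Exchange, Change Cipher Spec, Encrypted Handshake Message
13 0.048990 edirectory freeradius TLSv1 Change Cipher Spec, Encrypted Handshake Message
14 0.049652 freeradius edirectory TLSv1 Encrypted Alert
18 0.057774 edirectory freeradius TLSv1 Encrypted Alert
"""

# Frame number, time, source, destination, protocol, info (assumed column order).
ROW = re.compile(
    r"^\s*(\d+)\s+([\d.]+)\s+(\S+)\s+(\S+)\s+(SSLv2|SSLv3|TLSv1(?:\.\d)?)\s+(.*)$"
)


def parse(text):
    """Yield (frame_no, source, [record names]) for each SSL/TLS summary row."""
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            records = [r.strip() for r in m.group(6).split(",") if r.strip()]
            yield int(m.group(1)), m.group(3), records


def first_alert(text):
    """Return who sent the first alert and how far the handshake had got."""
    ccs_from = set()       # endpoints that have sent Change Cipher Spec
    last_handshake = None  # (frame, source) of the last non-alert TLS row
    for frame, src, records in parse(text):
        if any("Alert" in r for r in records):
            return {
                "frame": frame,
                "sender": src,
                "after_frame": last_handshake[0] if last_handshake else None,
                "both_sent_ccs": len(ccs_from) == 2,
            }
        if "Change Cipher Spec" in records:
            ccs_from.add(src)
        last_handshake = (frame, src)
    return None  # no alert in the trace


if __name__ == "__main__":
    print(first_alert(CAPTURE))
```

For this trace it reports frame 14 from freeradius, after both sides had sent Change Cipher Spec, so the client side ended the session; the alert body is encrypted and its type cannot be read from the capture itself.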
