--On Monday, May 11, 2015 10:31 PM +0000 Albert Braden <abraden@about.com> wrote:Hi Quanah, My concern is that it might be successfully negotiating TLS and then falling back to cleartext for some reason. I don't understand the significance of the "ssf=0" line.It's hard coded: /* log authorization identity */ Statslog( LDAP_DEBUG_STATS, "%s BIND dn=\"%s\" mech=%s ssf=0\n", op->o_log_prefix, op->o_conn->c_dn.bv_val, op->orb_mech.bv_val, 0, 0 ); so what you care about is the preceding lines.
See also <http://www.openldap.org/its/index.cgi/?findid=8140> --Quanah -- Quanah Gibson-Mount Platform Architect Zimbra, Inc. -------------------- Zimbra :: the leader in open source messaging and collaboration