Graham, you are probably a great deal more seasoned at this software than I am, but have you tried running the ldapsearch command in debug mode? Maybe you will find that your certs are expired, or in a weird place (which I am trying to learn how to adjust).

Just a thought from someone who doesn't know too much,
Warron
--
389 users mailing list
389-users@%(host_name)s
http://lists.fedoraproject.org/admin/lists/389-users@xxxxxxxxxxxxxxxxxxxxxxx