On 15.10.2016 04:55, Roberto C. Sánchez wrote:
> On Thu, Oct 13, 2016 at 11:51:52AM +0200, Francesco Malvezzi wrote:
>> Package: sssd-ldap
>> Version: 1.14.1-1
>> Severity: important
>> Dear Maintainer,
>> pam-sss doesn't allow login to LDAP users:
> I too am affected by this. I just installed stretch on a new laptop (I
> need the newer kernel for hardware support) and when I configured sssd
> it simply didn't work. All my other machines (running jessie) work
> fine. I don't use LDAP for authentication (Kerberos handles that for
> me), but I do use it for user information. So, getent and id would not
> work. The problem (on the LDAP side) manifested itself by terminating
> the connection with this message: "An unexpected TLS packet was
> I obtained the 1.13.4-3 packages of the various sssd components and
> after I installed them everything worked.
> If there is something I can do to help identify the problem, please let
> me know.
this is filed upstream https://fedorahosted.org/sssd/ticket/3189
The pristine log actually looks like if sssd was crashing..could you
please check for sssd_be crashes in the syslog?
The failure in the "revert" log doesn't tell me much except that sssd is
thinking it cannot contact the LDAP server. Here I would like to ask for
strace logs, as described in
So could you provide such logs? Here or on the upstream ticket.