On Wed, Aug 13, 2014 at 06:28:35PM +0200, Jakub Hrozek wrote: > On Wed, Aug 13, 2014 at 07:23:43AM -0700, Kat wrote: > > Hello fellow IPAers... > > > > Just wondering what I might be doing wrong. I have servers that just need to > > auth to the LDAP username/PW portion of IPA since they can't do Kerberos > > right now. > > > > What could I be missing -- I run the authconfig to setup and verify > > sssd.conf, but I continue to get: > > > > sshd[7010]: pam_sss(sshd:auth): received for user testuser: 9 > > (Authentication service cannot retrieve authentication info) > > > > The ports are open to the LDAP/IPA server, I can run ldapsearch commands, > > but it just won't authenticate. > > > > Any ideas? > > Can you post SSSD logs? > > The error code makes it sound like sssd can't reach the servers, but > it's very hard to tell from just that one line.
This turned out to be a certificate problem. -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project