Hi, I use sssd on all servers in our infrastructure. Most of them are Red Hat, CentOS and Debian. It works very well with these OSes. And we have some Gentoo Linux machines. I had some difficulties configuring sssd when I want to use ldaps:

[domain/LDAP]
id_provider = ldap
auth_provider = ldap
chpass_provider = ldap
ldap_schema = rfc2307
ldap_uri = ldaps://ldap.xxx.com
ldap_chpass_uri = ldaps://ldap-provider.xxx.com
ldap_search_base = dc=xxx,dc=com
ldap_tls_reqcert = allow
cache_credentials = true
enumerate = true
entry_cache_timeout = 5400
ldap_user_gecos = uid

When I use ldap_uri = ldap or ldap_uri = ldaps getent works, but logins are not working. There are interesting entries in log files;

sssd_LDAP

(Wed Oct 10 10:19:33 2012) [sssd[be[LDAP]]] [fo_new_service] (0x0080): Creating new service 'LDAP'
(Wed Oct 10 10:19:33 2012) [sssd[be[LDAP]]] [fo_add_server] (0x0080): Adding new server 'ldap.xxx.com', to service 'LDAP'
(Wed Oct 10 10:19:33 2012) [sssd[be[LDAP]]] [fo_new_service] (0x0080): Creating new service 'LDAP_CHPASS'
(Wed Oct 10 10:19:33 2012) [sssd[be[LDAP]]] [fo_add_server] (0x0080): Adding new server 'ldap-provider.xxx.com', to service 'LDAP_CHPASS'
(Wed Oct 10 10:19:33 2012) [sssd[be[LDAP]]] [sssm_ldap_sudo_init] (0x0080): Sudo init handler called but SSSD is built without sudo support, ignoring
(Wed Oct 10 10:19:33 2012) [sssd[be[LDAP]]] [sssm_ldap_autofs_init] (0x0080): Autofs init handler called but SSSD is built without autofs support, ignoring
(Wed Oct 10 10:19:33 2012) [sssd[be[LDAP]]] [be_process_init] (0x0020): No Session module provided for [LDAP] !!
(Wed Oct 10 10:19:33 2012) [sssd[be[LDAP]]] [be_process_init] (0x0020): No host info module provided for [LDAP] !!
(Wed Oct 10 10:19:33 2012) [sssd[be[LDAP]]] [main] (0x0020): Backend provider (LDAP) started!
(Wed Oct 10 10:19:43 2012) [sssd[be[LDAP]]] [sdap_sys_connect_done] (0x0080): Failed to set LDAP SASL nocanon option to true. If your system is configured to use SASL, LDAP operations might fail.
(Wed Oct 10 10:19:43 2012) [sssd[be[LDAP]]] [simple_bind_done] (0x0080): Bind result: Success(0), no errmsg set
(Wed Oct 10 10:19:43 2012) [sssd[be[LDAP]]] [sdap_process_group_send] (0x0040): No Members. Done!
(Wed Oct 10 10:19:43 2012) [sssd[be[LDAP]]] [sdap_process_group_send] (0x0040): No Members. Done!

sssd_nss

(Wed Oct 10 09:58:24 2012) [sssd[nss]] [nss_dp_reconnect_init] (0x0010): Could not reconnect to LDAP provider.
(Wed Oct 10 09:58:54 2012) [sssd[nss]] [sbus_reconnect] (0x0080): Making reconnection attempt 8 to [unix:path=/var/lib/sss/pipes/private/sbus-dp_LDAP]
(Wed Oct 10 09:58:54 2012) [sssd[nss]] [sbus_reconnect] (0x0020): Failed to open connection: name=org.freedesktop.DBus.Error.NoServer, message=Failed to connect to socket /var/lib/sss/pipes/private/sbus-dp_LDAP: Connection refused

sssd_pam

(Wed Oct 10 09:59:24 2012) [sssd[pam]] [pam_dp_reconnect_init] (0x0010): Could not reconnect to LDAP provider.
(Wed Oct 10 09:59:54 2012) [sssd[pam]] [sbus_reconnect] (0x0080): Making reconnection attempt 10 to [unix:path=/var/lib/sss/pipes/private/sbus-dp_LDAP]
(Wed Oct 10 09:59:54 2012) [sssd[pam]] [sbus_reconnect] (0x0020): Failed to open connection: name=org.freedesktop.DBus.Error.NoServer, message=Failed to connect to socket /var/lib/sss/pipes/private/sbus-dp_LDAP: Connection refused

It says connection refused but there is no network issue with ldap servers, all ports opened. Could you please give me advice on resolving this issue?

Thanks,
AS