Hi Jakub, On Wed, Jan 2, 2013 at 1:13 PM, Jakub Hrozek <[email protected]> wrote:
> On Wed, Jan 02, 2013 at 10:52:00AM +0100, Marco Pizzoli wrote: > > Hi guys, > > I'm currently not able to get sssd working in connecting to an AD server > as > > a pure LDAPS server. > > > > I'm succeeding in connecting with a simple bind, but eventually I can't > get > > sssd downloading any data. It ends with a > > Search result: Operations error(1), 000004DC: LdapErr: DSID-0C0906E8, > > comment: In order to perform this operation a successful bind must be > > completed on the connection., data 0, v1db1 > > > > By using ldapsearch (pointing to the same ldaps url) I can execute the > same > > search obtaining (correctly) 1 user. > > Honestly, I don't know what could be the problem... Any hint on a > > particular configuration directive to check? > > > > Full log following. > > I'm using sssd-1.8.0-32.el6.x86_64 on RHEL6.3 > > > > Thanks in advance > > Marco > > From the logs it seems that you are binding as "CN=baubau,OU=Service > Accounts,DC=testpippo,DC=local" but not using any bind password. Is this > the same setting that works for you with ldapsearch? > Shame on me... In my sssd.conf I had: ldap_default_authok_type = password ldap_default_authok = my_password Instead of ldap_default_auth*t*ok_type = password ldap_default_auth*t*ok = my_password Now I managed to have it working. I admit I didn't noticed it before your hint. I just looked back at the logs, but I don't notice any hint about my error. Should the sssd put a warning about a unknown/wrong directive? Thanks a lot for your help! Marco @Ondrej: I'm sorry, but in this very case I couldn't share my configuration before the approval of a currently-on-holiday manager. I would have done it otherwise. Thanks anyway. > _______________________________________________ > sssd-users mailing list > [email protected] > https://lists.fedorahosted.org/mailman/listinfo/sssd-users >
_______________________________________________ sssd-users mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/sssd-users
