Hello everybody,

I have been trying hard to get sssd to work on a new CentOS 7 workstation.

sssd --version
1.14.0

# working ldapsearch command and output
https://paste.fedoraproject.org/paste/L3Uv8Mg6FMuLlIHXkL5~0Q/raw

The problem is I am at a customer that has an old Windows 2008 AD server with Unix tools and the uidNumber, gidNumber, unixHomeDirectory and loginShell need to be used, so that my nfs shares have the correct mapping.

They used an old NIS server in the past but it is broken and has no AD connection any more.

I cannot seem to bind to the RootDSE without using a username and password, see the ldapsearch command. I tried converting the "[email protected]" to a cn path, but whatever I try I get a " additional info: 80090308: LdapErr: DSID-0C0903A8, comment: AcceptSecurityContext error, data 52e, v1db1" back.

My sssd just keeps logging: ([sssd[be[default]]] [dp_req_reply_gen_error] (0x0080): DP Request [Subdomains #0]: Finished. Target is not supported with this configuration.

[root@vsxtest01 ~]# cat /etc/sssd/sssd.conf
[domain/default]
id_provider = ldap
auth_provider = ldap
chpass_provider = ldap
ldap_uri = ldap://sw008.wdm.local/
ldap_search_base = ou=COMPANY,dc=wdm,dc=local
#ldap_schema = rfc2307bis
#ldap_user_home_directory = unixHomeDirectory
#ldap_tls_reqcert = allow
#ldap_id_use_start_tls = True
ldap_tls_cacertdir = /etc/openldap/cacerts
debug_level = 5
autofs_provider = ldap
#ldap_default_bind_dn = cn=LDAP,ou=Users,ou=COMPANY,dc=wdm,dc=local
ldap_default_bind_dn = [email protected]
ldap_default_authtok = *secret*
ldap_default_authtok_type = password
cache_credentials = True

[sssd]
config_file_version = 2
services = autofs
domains = default

[autofs]

I have no idea how to get my user authentication working with the correct uidNumber, gidNumber mapping.

Can somebody maybe help?

Kind regards,

Jelle de Jong
_______________________________________________
sssd-users mailing list -- [email protected]