Bug 795502
Summary: | sssd fails to use ldap server | ||||||
---|---|---|---|---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Orion Poplawski <orion> | ||||
Component: | sssd | Assignee: | Stephen Gallagher <sgallagh> | ||||
Status: | CLOSED DUPLICATE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||
Severity: | high | Docs Contact: | |||||
Priority: | unspecified | ||||||
Version: | 17 | CC: | jhrozek, sbose, sgallagh, ssorce | ||||
Target Milestone: | --- | ||||||
Target Release: | --- | ||||||
Hardware: | All | ||||||
OS: | Linux | ||||||
Whiteboard: | |||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2012-02-20 18:14:44 UTC | Type: | --- | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Attachments: |
|
*** This bug has been marked as a duplicate of bug 771484 *** |
Created attachment 564492 [details] sssd logs Description of problem: Fresh F17 Alpha install. sssd cannot use the ldap server. Most relevant error seems to be: (Mon Feb 20 11:01:25 2012) [sssd[be[default]]] [sdap_get_rootdse_send] (0x4000): Getting rootdse (Mon Feb 20 11:01:25 2012) [sssd[be[default]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(objectclass=*)][]. (Mon Feb 20 11:01:25 2012) [sssd[be[default]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [*] (Mon Feb 20 11:01:25 2012) [sssd[be[default]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [altServer] (Mon Feb 20 11:01:25 2012) [sssd[be[default]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [namingContexts] (Mon Feb 20 11:01:25 2012) [sssd[be[default]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [supportedControl] (Mon Feb 20 11:01:25 2012) [sssd[be[default]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [supportedExtension] (Mon Feb 20 11:01:25 2012) [sssd[be[default]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [supportedFeatures] (Mon Feb 20 11:01:25 2012) [sssd[be[default]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [supportedLDAPVersion] (Mon Feb 20 11:01:25 2012) [sssd[be[default]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [supportedSASLMechanisms] (Mon Feb 20 11:01:25 2012) [sssd[be[default]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [defaultNamingContext] (Mon Feb 20 11:01:25 2012) [sssd[be[default]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [lastUSN] (Mon Feb 20 11:01:25 2012) [sssd[be[default]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [highestCommittedUSN] (Mon Feb 20 11:01:25 2012) [sssd[be[default]]] [sdap_get_generic_ext_step] (0x2000): ldap_search_ext called, msgid = 2 (Mon Feb 20 11:01:25 2012) [sssd[be[default]]] [sdap_process_result] (0x2000): Trace: sh[0x7f3a4c0e3910], connected[1], ops[0x7f3a4c0e2bb0], ldap[0x7f3a4c0d7c10] (Mon Feb 20 11:01:25 2012) [sssd[be[default]]] [sdap_process_result] (0x0100): ldap_result gave -1, something bad happend! On ldap (389) server: [20/Feb/2012:10:46:35 -0700] conn=335859 fd=313 slot=313 connection from 10.10.41.12 to 10.10.10.1 [20/Feb/2012:10:46:35 -0700] conn=335859 op=0 EXT oid="1.3.6.1.4.1.1466.20037" name="startTLS" [20/Feb/2012:10:46:35 -0700] conn=335859 op=0 RESULT err=0 tag=120 nentries=0 etime=0 [20/Feb/2012:10:46:35 -0700] conn=335859 SSL 256-bit AES [20/Feb/2012:10:46:35 -0700] conn=335859 op=1 SRCH base="" scope=0 filter="(objectClass=*)" attrs="* altServer namingContexts supportedControl supportedExtension supportedFeatures supportedLDAPVersion supportedSASLMechanisms defaultnamingcontext lastusn highestcommittedusn aci" [20/Feb/2012:10:46:35 -0700] conn=335859 op=2 ABANDON targetop=1 msgid=2 nentries=0 etime=0 [20/Feb/2012:10:46:35 -0700] conn=335859 op=3 UNBIND [20/Feb/2012:10:46:35 -0700] conn=335859 op=3 fd=313 closed - U1 sssd.conf: [domain/default] ldap_id_use_start_tls = True cache_credentials = True ldap_search_base = dc=nwra,dc=com krb5_realm = CORA.NWRA.COM krb5_server = kerberos.cora.nwra.com id_provider = ldap auth_provider = krb5 chpass_provider = krb5 ldap_uri = ldap://ldap.cora.nwra.com/ krb5_kpasswd = kerberos.cora.nwra.com ldap_tls_cacertdir = /etc/openldap/cacerts debug_level = 0xFFF0 [sssd] services = nss, pam config_file_version = 2 domains = default debug_level = 0x00F0 [nss] [pam] [sudo] [autofs] [ssh] Version-Release number of selected component (if applicable): sssd-1.8.0-4.fc17.beta3.x86_64