Bug 795502 - sssd fails to use ldap server
sssd fails to use ldap server
Status: CLOSED DUPLICATE of bug 771484
Product: Fedora
Classification: Fedora
Component: sssd (Show other bugs)
17
All Linux
unspecified Severity high
: ---
: ---
Assigned To: Stephen Gallagher
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2012-02-20 13:03 EST by Orion Poplawski
Modified: 2012-02-20 13:14 EST (History)
4 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2012-02-20 13:14:44 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
sssd logs (9.46 KB, application/x-gzip)
2012-02-20 13:03 EST, Orion Poplawski
no flags Details

  None (edit)
Description Orion Poplawski 2012-02-20 13:03:31 EST
Created attachment 564492 [details]
sssd logs

Description of problem:

Fresh F17 Alpha install.  sssd cannot use the ldap server.

Most relevant error seems to be:

(Mon Feb 20 11:01:25 2012) [sssd[be[default]]] [sdap_get_rootdse_send] (0x4000): Getting rootdse
(Mon Feb 20 11:01:25 2012) [sssd[be[default]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(objectclass=*)][].
(Mon Feb 20 11:01:25 2012) [sssd[be[default]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [*]
(Mon Feb 20 11:01:25 2012) [sssd[be[default]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [altServer]
(Mon Feb 20 11:01:25 2012) [sssd[be[default]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [namingContexts]
(Mon Feb 20 11:01:25 2012) [sssd[be[default]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [supportedControl]
(Mon Feb 20 11:01:25 2012) [sssd[be[default]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [supportedExtension]
(Mon Feb 20 11:01:25 2012) [sssd[be[default]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [supportedFeatures]
(Mon Feb 20 11:01:25 2012) [sssd[be[default]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [supportedLDAPVersion]
(Mon Feb 20 11:01:25 2012) [sssd[be[default]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [supportedSASLMechanisms]
(Mon Feb 20 11:01:25 2012) [sssd[be[default]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [defaultNamingContext]
(Mon Feb 20 11:01:25 2012) [sssd[be[default]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [lastUSN]
(Mon Feb 20 11:01:25 2012) [sssd[be[default]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [highestCommittedUSN]
(Mon Feb 20 11:01:25 2012) [sssd[be[default]]] [sdap_get_generic_ext_step] (0x2000): ldap_search_ext called, msgid = 2
(Mon Feb 20 11:01:25 2012) [sssd[be[default]]] [sdap_process_result] (0x2000): Trace: sh[0x7f3a4c0e3910], connected[1], ops[0x7f3a4c0e2bb0], ldap[0x7f3a4c0d7c10]
(Mon Feb 20 11:01:25 2012) [sssd[be[default]]] [sdap_process_result] (0x0100): ldap_result gave -1, something bad happend!


On ldap (389) server:

[20/Feb/2012:10:46:35 -0700] conn=335859 fd=313 slot=313 connection from 10.10.41.12 to 10.10.10.1
[20/Feb/2012:10:46:35 -0700] conn=335859 op=0 EXT oid="1.3.6.1.4.1.1466.20037" name="startTLS"
[20/Feb/2012:10:46:35 -0700] conn=335859 op=0 RESULT err=0 tag=120 nentries=0 etime=0
[20/Feb/2012:10:46:35 -0700] conn=335859 SSL 256-bit AES
[20/Feb/2012:10:46:35 -0700] conn=335859 op=1 SRCH base="" scope=0 filter="(objectClass=*)" attrs="* altServer namingContexts supportedControl supportedExtension supportedFeatures supportedLDAPVersion supportedSASLMechanisms defaultnamingcontext lastusn highestcommittedusn aci"
[20/Feb/2012:10:46:35 -0700] conn=335859 op=2 ABANDON targetop=1 msgid=2 nentries=0 etime=0
[20/Feb/2012:10:46:35 -0700] conn=335859 op=3 UNBIND
[20/Feb/2012:10:46:35 -0700] conn=335859 op=3 fd=313 closed - U1


sssd.conf:
[domain/default]

ldap_id_use_start_tls = True
cache_credentials = True
ldap_search_base = dc=nwra,dc=com
krb5_realm = CORA.NWRA.COM
krb5_server = kerberos.cora.nwra.com
id_provider = ldap
auth_provider = krb5
chpass_provider = krb5
ldap_uri = ldap://ldap.cora.nwra.com/
krb5_kpasswd = kerberos.cora.nwra.com
ldap_tls_cacertdir = /etc/openldap/cacerts
debug_level = 0xFFF0

[sssd]
services = nss, pam
config_file_version = 2

domains = default
debug_level = 0x00F0
[nss]

[pam]

[sudo]

[autofs]

[ssh]


Version-Release number of selected component (if applicable):
sssd-1.8.0-4.fc17.beta3.x86_64
Comment 1 Simo Sorce 2012-02-20 13:14:44 EST

*** This bug has been marked as a duplicate of bug 771484 ***

Note You need to log in before you can comment on or make changes to this bug.