Hi. I am using rhel 6.3, with sssd-1.8.0 and openldap-servers-2.4.23-26, the kernel is 2.6.32-279.2.1.el6.x86_64. The problem I'm having is that I get this error message in the messages file:

"sssd[be[default]]: Could not start TLS encryption. TLS error -5938:Encountered end of file"

I started sssd with debugging set to 9. The errors I saw in sssd_default.log are:

[dp_get_options] (0x0400): Option ldap_sasl_minssf has value -1
[get_port_status] (0x1000): Port status of port 389 for server 'ibm-01.flamengro.co.za' is 'not working'

When I add new users I cannot log in with the new names; an ldapsearch shows them, but getent passwd shows nothing. Not all the users show up on my other machines either. Any help will be appreciated.

My slapd.conf file looks like this.

include /etc/openldap/schema/corba.schema
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/duaconf.schema
include /etc/openldap/schema/dyngroup.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/java.schema
include /etc/openldap/schema/misc.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/openldap.schema
include /etc/openldap/schema/ppolicy.schema
include /etc/openldap/schema/collective.schema
allow bind_v2
pidfile /var/run/openldap/slapd.pid
argsfile /var/run/openldap/slapd.args
database bdb
suffix "dc=flamengro,dc=com"
checkpoint 1024 15
rootdn "cn=Manager,dc=flamengro,dc=com"
rootpw secret
directory /var/lib/ldap/flamengro
index objectClass eq,pres
index ou,cn,mail,surname,givenname eq,pres,sub
index uidNumber,gidNumber,loginShell eq,pres
index uid,memberUid eq,pres,sub
index nisMapName,nisMapEntry eq,pres,sub
database monitor
access to * by dn.exact="cn=Manager,dc=flamengro,dc=com" read by * none
access to attrs=userPassword,shadowLastChange by anonymous auth by self write by * none

My sssd.conf file looks like this

[sssd]
config_file_version = 2
reconnection_retries = 3
sbus_timeout = 30
services = nss, pam
domains = default
[nss]
filter_groups = root
filter_users = root
reconnection_retries = 3
[pam]
reconnection_retries = 3
[domain/default]
auth_provider = ldap
cache_credentials = True
ldap_id_use_start_tls = True
debug_level = 9
ldap_search_base = dc=flamengro,dc=com
# krb5_realm = EXAMPLE.COM
chpass_provider = ldap
id_provider = ldap
ldap_uri = ldap://ibm-01.flamengro.co.za
# krb5_kdcip = kerberos.example.com
ldap_tls_cacertdir = /etc/openldap/cacerts
enumerate = True
ldap_sasl_canonicalize = true
# krb5_server = kerberos.example.com

[Editor's note: the slapd.conf as pasted contains no TLSCACertificateFile, TLSCertificateFile or TLSCertificateKeyFile directives, so the server may have no certificate to offer when sssd (ldap_id_use_start_tls = True) requests StartTLS on port 389; that is worth checking first. Separately, rootpw is stored in cleartext (slappasswd produces a hashed value for it), and the userPassword access rule appears after "database monitor", so as pasted it would apply to the monitor database rather than to the bdb database holding the accounts.]
begin:vcard fn:Chris du Preez n:du Preez;Chris org:Flamengro adr:;;;Pretoria;;;RSA tel;work:+27 (0)124282989 tel;fax:+27 (0)124282061 tel;cell:+27 (0)836337420 version:2.1 end:vcard