
[rhelv6-list] Openldap Problem



Hi.

I am using rhel 6.3, with sssd-1.8.0 and openldap-servers-2.4.23-26, the kernel is 2.6.32-279.2.1.el6.x86_64.
The problem I'm having is that I get this error message in the messages file.

"sssd[be[default]]: Could not start TLS encryption. TLS error -5938:Encountered end of file"
 Errors I saw in sssd_default.log

When I add new users I cannot log in with the new names; ldapsearch shows them, but getent passwd shows nothing.
Not all the users show up on my other machines, only some of them.

Any help will be appreciated.


My slapd.conf file looks like this.

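# slapd.conf as posted (openldap-servers 2.4.23 on RHEL 6.3).
# NOTE(review): on RHEL 6, slapd reads /etc/openldap/slapd.d instead of this
# file when that directory exists -- confirm which configuration is in use.
# NOTE(review): never put a comment line directly above an indented line;
# slapd joins continuation lines before it strips comments.

# Schema definitions loaded at startup.
include         /etc/openldap/schema/corba.schema
include         /etc/openldap/schema/core.schema
include         /etc/openldap/schema/cosine.schema
include         /etc/openldap/schema/duaconf.schema
include         /etc/openldap/schema/dyngroup.schema
include         /etc/openldap/schema/inetorgperson.schema
include         /etc/openldap/schema/java.schema
include         /etc/openldap/schema/misc.schema
include         /etc/openldap/schema/nis.schema
include         /etc/openldap/schema/openldap.schema
include         /etc/openldap/schema/ppolicy.schema
include         /etc/openldap/schema/collective.schema

# NOTE(review): this accepts legacy LDAPv2 bind requests. Drop the line
# unless a client still depends on LDAPv2.
allow bind_v2

pidfile         /var/run/openldap/slapd.pid
argsfile        /var/run/openldap/slapd.args

# NOTE(review): no TLS directives appear in this listing, while the sssd
# client requires StartTLS (ldap_id_use_start_tls = True). A server without a
# usable certificate cannot complete the handshake, which is consistent with
# the "Could not start TLS encryption" error reported by sssd. Configure the
# server certificate here; the values below are placeholders, not real paths.
# TLSCACertificateFile    <PATH-TO-CA-CERTIFICATE>
# TLSCertificateFile      <PATH-TO-SERVER-CERTIFICATE>
# TLSCertificateKeyFile   <PATH-TO-SERVER-PRIVATE-KEY>

# Primary directory database.
database        bdb
suffix          "dc=flamengro,dc=com"
checkpoint      1024 15
rootdn          "cn=Manager,dc=flamengro,dc=com"

# NOTE(review): the rootdn password is stored in cleartext. Replace it with
# a hash generated by slappasswd, and treat any real password that has been
# posted publicly as compromised.
rootpw  secret

directory       /var/lib/ldap/flamengro

# Attribute indexes for the bdb database.
index objectClass                       eq,pres
index ou,cn,mail,surname,givenname      eq,pres,sub
index uidNumber,gidNumber,loginShell    eq,pres
index uid,memberUid                     eq,pres,sub
index nisMapName,nisMapEntry            eq,pres,sub

# Monitor backend. "database monitor" and "access to *" were run together on
# one line in the posted listing; they are two separate directives.
database monitor

# Only the rootdn may read the monitor database.
access to *
        by dn.exact="cn=Manager,dc=flamengro,dc=com" read
        by * none

# NOTE(review): this rule follows "database monitor", so slapd applies it to
# the monitor database, not to the bdb database above. As listed, the bdb
# database has no access rules of its own and falls back to slapd's default
# of read access for everyone, which would leave userPassword values
# readable. Move this rule into the bdb section and follow it there with an
# explicit "access to * by * read" rule, because an access list otherwise
# ends in an implicit deny.
access to attrs=userPassword,shadowLastChange
        by anonymous auth
        by self write
        by * none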


My sssd.conf file looks like this

# sssd.conf as posted (sssd 1.8.0): one LDAP domain serving NSS and PAM.
[sssd]
config_file_version = 2
services = nss, pam
domains = default
reconnection_retries = 3
sbus_timeout = 30

# Name-service responder; root is excluded from SSSD lookups.
[nss]
filter_users = root
filter_groups = root
reconnection_retries = 3

[pam]
reconnection_retries = 3

[domain/default]
# Identity, authentication and password changes all go to LDAP.
id_provider = ldap
auth_provider = ldap
chpass_provider = ldap

# Directory server and search base.
ldap_uri = ldap://ibm-01.flamengro.co.za
ldap_search_base = dc=flamengro,dc=com
ldap_sasl_canonicalize = true

# TLS: the ldap:// connection is upgraded with StartTLS, and the server
# certificate is verified against the CA certificates in this directory.
# The server has to present a certificate for this to succeed; keep the
# setting enabled and repair the server side rather than switching it off.
ldap_id_use_start_tls = True
ldap_tls_cacertdir = /etc/openldap/cacerts

# Local credential cache and full user/group enumeration.
cache_credentials = True
enumerate = True

# Very verbose logging for troubleshooting; lower it once the fault is found.
debug_level = 9

# Kerberos settings, left commented out in this setup.
# krb5_realm = EXAMPLE.COM
# krb5_kdcip = kerberos.example.com
# krb5_server = kerberos.example.com









begin:vcard
fn:Chris du Preez
n:du Preez;Chris
org:Flamengro
adr:;;;Pretoria;;;RSA
tel;work:+27 (0)124282989
tel;fax:+27 (0)124282061
tel;cell:+27 (0)836337420
version:2.1
end:vcard

