On Wed, Aug 21, 2013 at 02:25:20PM -0400, Stephen Gallagher wrote:
-----BEGIN PGP SIGNED MESSAGE-----
On 08/21/2013 02:25 PM, John Uhlig wrote:
> thanks for your prompt reply. I have attached the sssd-default
> The cacert dir has been rehashed using cacertdir_rehash command.
> I have tried the "ldap_tls_cacert" parameter as well - no luck.
> I have also tried TLS and SSL ldap client configs - again - no
> I believe I have done the openssl and ldapsearch tests as per ssd
> and ldap web docs to confirm that the certificates and TLS are
> working correctly.
According to that log, the user was retrieved successfully and added
to the cache:
(Wed Aug 21 11:04:00 2013) [sssd[be[default]]]
[sdap_get_users_process] (0x4000): Saving 1 Users - Done
(Wed Aug 21 11:04:00 2013) [sssd[be[default]]] [sdap_process_result]
(0x2000): Trace: ldap_result found nothing!
is actually just informational (it means that we've hit the end of the
loop through lookups we're performing).
So what exactly do you see when you run 'getent passwd localjoe'?
Also, what log message (if any) do you see in /var/log/secure coming
from the pam_sss module?