I had restarted the sssd services on server and client after updating the ldap_search_timeout value. I did let it run for much longer, ensuring sssd services were all reported as online when issuing systemctl status sssd on both server and client.
You will find logs for a failed login attempt to the freeipa client. The login attempt took place at 13:26. I was quite bothered by the face that the sssd_nss log on the server was not populated during this attempt, but was populated during the prior attempt that I shared. Is there a better way to identify if the sssd_nss service is running/online?
You mentioned: "SSSD on the client sends LDAP search with a specific control to LDAP server. This request is taken care of by a plugin in LDAP server code which issues a local request to SSSD using its API."
Is there a way to troubleshoot this specific process?
Server Logs https://privatebin.net/?862036054ee43408#82w4yEWnVV3hvz4JeU4hTacoMeArh4ETZiC... Client Logs https://privatebin.net/?f1e3f32ff85a5d84#HyQpVgLyNp9JASZhCHjeKxY1PVefqb7s5eR...
Heidi