On Tue, 2011-09-27 at 16:26 +0200, Jan Zelený wrote:
> On Tue, Sep 27, 2011 at 03:56:57PM +0200, Ondrej Valousek
wrote:
> > Hi List,
> >
> > I experience sometimes sssd reports certain users as not existing -
>
> > symptoms in log are the following:
> That's because at the time the request came, the SSSD back end was
> marked as "offline" and the user was not cached.
Yes, as you suspect, here is your problem: "ldap_result gave -1, something bad
happend"
However, I don't know the reason why that is.
Yeah, we see this every once in a while. Usually it means that Active
Directory returned something that violates the LDAP protocol.
Unfortunately, the openldap libraries don't provide us any way to ask
what error it actually detected.
But the short version is that it's nearly always a server issue.