On 08/21/2013 02:25 PM, John Uhlig wrote:
> Thanks for your prompt reply. I have attached the sssd-default logfile.
> The cacert dir has been rehashed using cacertdir_rehash command.
> I have tried the "ldap_tls_cacert" parameter as well - no luck.
> I have also tried TLS and SSL ldap client configs - again - no luck.
> I believe I have done the openssl and ldapsearch tests as per sssd and ldap web docs to confirm that the certificates and TLS are working correctly.

According to that log, the user was retrieved successfully and added to the cache:
(Wed Aug 21 11:04:00 2013) [sssd[be[default]]] [sdap_get_users_process] (0x4000): Saving 1 Users - Done
The line:
(Wed Aug 21 11:04:00 2013) [sssd[be[default]]] [sdap_process_result] (0x2000): Trace: ldap_result found nothing!
is actually just informational (it means that we've hit the end of the loop through lookups we're performing).
So what exactly do you see when you run 'getent passwd localjoe'?
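
An added example, not part of the original message or of SSSD itself: a small triage script that reads SSSD debug lines in the format quoted above and separates failure-level messages from trace output, using the debug-level bits listed in sssd.conf(5). The function names and the third sample line are constructed for illustration.

```python
import re

# Failure-level bits as listed in sssd.conf(5); higher bits are config/trace output.
FAILURE_LEVELS = {
    0x0010: "fatal failure",
    0x0020: "critical failure",
    0x0040: "serious failure",
    0x0080: "minor failure",
}

# (timestamp) [process[...]] [function] (0xLEVEL): message
LINE_RE = re.compile(
    r"^\((?P<ts>[^)]+)\) \[(?P<proc>sssd\S*?)\] \[(?P<func>\w+)\] "
    r"\(0x(?P<level>[0-9a-fA-F]+)\): (?P<msg>.*)$"
)
SAVED_RE = re.compile(r"Saving (\d+) Users - Done")

def parse(line):
    """Split one SSSD debug line into fields; return None if it does not match."""
    m = LINE_RE.match(line.strip())
    if m is None:
        return None
    level = int(m.group("level"), 16)
    return {"ts": m.group("ts"), "proc": m.group("proc"), "func": m.group("func"),
            "level": level, "failure": FAILURE_LEVELS.get(level), "msg": m.group("msg")}

def triage(lines):
    """Return (failure_records, users_saved) for an iterable of log lines."""
    failures, saved = [], 0
    for line in lines:
        rec = parse(line)
        if rec is None:
            continue  # continuation lines or unrelated text
        if rec["failure"]:
            failures.append(rec)
        m = SAVED_RE.search(rec["msg"])
        if m:
            saved += int(m.group(1))
    return failures, saved

# First two lines are the ones quoted in this message; the third is constructed.
SAMPLE = [
    "(Wed Aug 21 11:04:00 2013) [sssd[be[default]]] [sdap_get_users_process] (0x4000): Saving 1 Users - Done",
    "(Wed Aug 21 11:04:00 2013) [sssd[be[default]]] [sdap_process_result] (0x2000): Trace: ldap_result found nothing!",
    "(Wed Aug 21 11:04:01 2013) [sssd[be[default]]] [example_func] (0x0040): constructed failure message",
]

if __name__ == "__main__":
    failures, saved = triage(SAMPLE)
    print(f"users saved to cache: {saved}")
    for rec in failures:
        print(f"{rec['failure']}: [{rec['func']}] {rec['msg']}")
```
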