Hi Jakub,
On Wed, Jan 2, 2013 at 1:13 PM, Jakub Hrozek <jhrozek(a)redhat.com> wrote:
On Wed, Jan 02, 2013 at 10:52:00AM +0100, Marco Pizzoli wrote:
> Hi guys,
> I'm currently not able to get sssd working in connecting to an AD server
as
> a pure LDAPS server.
>
> I'm succeeding in connecting with a simple bind, but eventually I can't
get
> sssd downloading any data. It ends with a
> Search result: Operations error(1), 000004DC: LdapErr: DSID-0C0906E8,
> comment: In order to perform this operation a successful bind must be
> completed on the connection., data 0, v1db1
>
> By using ldapsearch (pointing to the same ldaps url) I can execute the
same
> search obtaining (correctly) 1 user.
> Honestly, I don't know what could be the problem... Any hint on a
> particular configuration directive to check?
>
> Full log following.
> I'm using sssd-1.8.0-32.el6.x86_64 on RHEL6.3
>
> Thanks in advance
> Marco
From the logs it seems that you are binding as "CN=baubau,OU=Service
Accounts,DC=testpippo,DC=local" but not using any bind password. Is this
the same setting that works for you with ldapsearch?
Shame on me...
In my sssd.conf I had:
ldap_default_authok_type = password
ldap_default_authok = my_password
Instead of
ldap_default_auth*t*ok_type = password
ldap_default_auth*t*ok = my_password
Now I managed to have it working. I admit I didn't noticed it before your
hint.
I just looked back at the logs, but I don't notice any hint about my error.
Should the sssd put a warning about a unknown/wrong directive?
Thanks a lot for your help!
Marco
@Ondrej: I'm sorry, but in this very case I couldn't share my configuration
before the approval of a currently-on-holiday manager. I would have done it
otherwise. Thanks anyway.
_______________________________________________
sssd-users mailing list
sssd-users(a)lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/sssd-users