Hey All,
This is my first attempt at getting sssd working. A little background.
I have a RHEL 6 server that is located on a secure DMZ-like subnet. There is an LDAP server running on the network which I would like to authenticate my server to. I have followed several guides (the sssd Fedora guide, the official Red Hat guide and several others), but just can't seem to get the binding to work.
I have tested binding with the ldapsearch commands and that seems to work; however, SSSD continues to have issues.
I am binding on 389 with TLS. I can successfully bind and see all the users and other attributes with the following ldapsearch command:
This is what my /etc/sssd/sssd.conf looks like:
[sssd]
config_file_version = 2
services = nss, pam
domains = LDAP
[nss]
filter_groups = root
filter_users = root
reconnection_retries = 3
entry_cache_timeout = 300
[pam]
[domain/LDAP]
access_provider = ldap
id_provider = ldap
auth_provider = ldap
chpass_provider = ldap
access_provider = ldap
ldap_access_filter = allow
ldap_schema = rfc2307
ldap_search_base = o=MYORG
ldap_user_search_base = ou=PEOPLE,o=MYORG
enumerate = True
cache_credentials = true
ldap_tls_reqcert = allow
ldap_tls_cacertdir = /etc/openldap/certs
ldap_id_use_start_tls = true
ldap_default_bind_dn = cn=ldaplookup,o=services
ldap_default_authtok_type = password
ldap_default_authtok = XXXXXXXX
debug_level = 9
I have also tried binding anonymously, which also fails. This is what I see in my sssd log file:
Thanks!
--
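An added example, not part of the original post: a small offline review of an sssd.conf LDAP domain section for the settings a reviewer would question in a configuration like the one posted (repeated options, `ldap_tls_reqcert` weaker than `demand`/`hard`, no `ldap_uri`, an `ldap_access_filter` value that contains no attribute comparison). The sample text is constructed from the posted options, and the function names `parse` and `audit` are hypothetical.

```python
import re

# Constructed sample mirroring options from the posted [domain/LDAP] section.
SAMPLE = """\
[domain/LDAP]
access_provider = ldap
id_provider = ldap
access_provider = ldap
ldap_access_filter = allow
ldap_tls_reqcert = allow
"""

def parse(text):
    """Return ({section: {key: value}}, [(section, repeated key)])."""
    conf, dups, section = {}, [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        m = re.fullmatch(r"\[(.+)\]", line)
        if m:
            section = m.group(1)
            conf.setdefault(section, {})
        elif "=" in line and section is not None:
            key, value = (p.strip() for p in line.split("=", 1))
            if key in conf[section]:
                dups.append((section, key))
            conf[section][key] = value
    return conf, dups

def audit(text):
    """Review findings for every [domain/...] section with id_provider = ldap."""
    conf, dups = parse(text)
    findings = [f"{s}: option '{k}' is set more than once" for s, k in dups]
    for name, opts in conf.items():
        if not name.startswith("domain/") or opts.get("id_provider") != "ldap":
            continue
        reqcert = opts.get("ldap_tls_reqcert", "hard").lower()  # sssd-ldap default: hard
        if reqcert not in ("demand", "hard"):
            findings.append(f"{name}: ldap_tls_reqcert = {reqcert} does not require a valid server certificate")
        if "ldap_uri" not in opts:
            findings.append(f"{name}: no ldap_uri, so the server is located by DNS service discovery")
        filt = opts.get("ldap_access_filter")
        # Every RFC 4515 filter item contains '=', so a value without one is not a filter.
        if filt is not None and "=" not in filt:
            findings.append(f"{name}: ldap_access_filter {filt!r} is not an LDAP filter expression")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)))
```

Because the file also holds `ldap_default_authtok` in clear text, it should stay readable by root only.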