I'm new to SSSD but I think I've configured it correctly, considering id {ldap user} returns the expected uid and gid values for multiple test users. I'm using two CentOS 6.4 servers as test machines, one running ApacheDS and the other SSSD. However, when I attempt to log in via ssh or directly on the console, using any one of those users, I get access denied. I've spent the last few days poring over the SSSD logs and I'm not sure where else to look. Rather than include all of the config files I'll just say for now that I ran the following on the client server:

authconfig --enablesssd --enablesssdauth --enablelocauthorize --update

Check below for my SSSD config and here for SSSD_Default log. Let me know what additional logs you would like to see and I'll pull them ASAP.
Thanks for your help!
cat /etc/sssd/sssd.conf

[sssd]
config_file_version = 2
services = nss, pam
domains = default
debug_level = 4

[nss]
filter_users = root
debug_level = 4

[pam]
debug_level = 4

[domain/default]
debug_level = 4
ldap_tls_reqcert = never
auth_provider = ldap
ldap_schema = rfc2307
ldap_search_base = dc=example,dc=net
#ldap_group_member = memberUid
id_provider = ldap
ldap_id_use_start_tls = True
chpass_provider = ldap
ldap_uri = ldap://sea-ldap-01.app.example.net:10389
cache_credentials = False
ldap_tls_cacertdir = /etc/openldap/certs
ldap_tls_cacert = /etc/openldap/certs/sea-ldap-01.pem
entry_cache_timeout = 600
ldap_network_timeout = 3
#ldap_access_filter =
ldap_user_search_base = ou=people,dc=example,dc=net
ldap_group_search_base = ou=groups,dc=example,dc=net