<html>
  <head>

    <meta http-equiv="content-type" content="text/html; charset=ISO-8859-1">
  </head>
  <body bgcolor="#FFFFFF" text="#000000">
    Hi.<br>
    <br>
    I am using rhel 6.3, with sssd-1.8.0 and openldap-servers-2.4.23-26,
    the kernel is 2.6.32-279.2.1.el6.x86_64.<br>
    The problem I'm having is I get this error message in the messages file.<br>
    <br>
    "sssd[be[default]]: Could not start TLS encryption. TLS error
    -5938:Encountered end of file"<br>
     Errors I saw in sssd_default.log<br>
    <br>
    When I add new users I cannot log in with the new names; an ldapsearch
    shows them but getent passwd shows nothing.<br>
    Not all the users show up on my other machines, only some.<br>
    <br>
    Any help will be appreciated.<br>
    <br>
    <br>
    <big>My slapd.conf file looks like this.</big><br>
    <br>
    <i>include         /etc/openldap/schema/corba.schema<br>
      include         /etc/openldap/schema/core.schema<br>
      include         /etc/openldap/schema/cosine.schema<br>
      include         /etc/openldap/schema/duaconf.schema<br>
      include         /etc/openldap/schema/dyngroup.schema<br>
      include         /etc/openldap/schema/inetorgperson.schema<br>
      include         /etc/openldap/schema/java.schema<br>
      include         /etc/openldap/schema/misc.schema<br>
      include         /etc/openldap/schema/nis.schema<br>
      include         /etc/openldap/schema/openldap.schema<br>
      include         /etc/openldap/schema/ppolicy.schema<br>
      include         /etc/openldap/schema/collective.schema<br>
      <br>
      allow bind_v2<br>
      <br>
      pidfile         /var/run/openldap/slapd.pid<br>
      argsfile        /var/run/openldap/slapd.args<br>
      <br>
      database        bdb<br>
      suffix          "dc=flamengro,dc=com"<br>
      checkpoint      1024 15<br>
      rootdn          "cn=Manager,dc=flamengro,dc=com"<br>
      <br>
      rootpw  secret<br>
      <br>
      directory       /var/lib/ldap/flamengro<br>
      <br>
      index objectClass                       eq,pres<br>
      index ou,cn,mail,surname,givenname      eq,pres,sub<br>
      index uidNumber,gidNumber,loginShell    eq,pres<br>
      index uid,memberUid                     eq,pres,sub<br>
      index nisMapName,nisMapEntry            eq,pres,sub<br>
      <br>
      database monitor<br>
      access to *<br>
              by dn.exact="cn=Manager,dc=flamengro,dc=com" read<br>
              by * none<br>
      access to attrs=userPassword,shadowLastChange<br>
              by anonymous auth<br>
              by self write<br>
              by * none</i><br>
    <br>
    <big>My sssd.conf file looks like this</big><br>
    <i><br>
      [sssd]<br>
      config_file_version = 2<br>
      <br>
      reconnection_retries = 3<br>
      <br>
      sbus_timeout = 30<br>
      services = nss, pam<br>
      <br>
      domains = default<br>
      <br>
      [nss]<br>
      filter_groups = root<br>
      filter_users = root<br>
      reconnection_retries = 3<br>
      <br>
      [pam]<br>
      reconnection_retries = 3<br>
      <br>
      [domain/default]<br>
      auth_provider = ldap<br>
      cache_credentials = True<br>
      ldap_id_use_start_tls = True<br>
      debug_level = 9<br>
      ldap_search_base = dc=flamengro,dc=com<br>
      # krb5_realm = EXAMPLE.COM<br>
      chpass_provider = ldap<br>
      id_provider = ldap<br>
      ldap_uri = <a class="moz-txt-link-freetext" href="ldap://ibm-01.flamengro.co.za">ldap://ibm-01.flamengro.co.za</a><br>
      # krb5_kdcip = kerberos.example.com<br>
      ldap_tls_cacertdir = /etc/openldap/cacerts<br>
      enumerate = True<br>
      ldap_sasl_canonicalize = true<br>
      # krb5_server = kerberos.example.com<br>
      <br>
      <br>
      <br>
    </i><br>
    <br>
    <br>
    <br>
    <br>
    <br>
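    Added example (not part of the original message, and not code from the SSSD or OpenLDAP projects): a Python check that cross-reads an sssd.conf and a slapd.conf like the two above and reports when the client requests StartTLS but the server file has no TLSCertificateFile / TLSCertificateKeyFile, and when rootpw is stored in cleartext. The embedded excerpts are constructed from the posted files; the function names and finding labels are hypothetical.<br>
<pre>
```python
import configparser

# Constructed excerpts modelled on the two files quoted in the message above.
SLAPD_CONF = """\
allow bind_v2
database        bdb
suffix          "dc=flamengro,dc=com"
rootpw  secret
"""
SSSD_CONF = """\
[domain/default]
id_provider = ldap
ldap_id_use_start_tls = True
ldap_uri = ldap://ibm-01.flamengro.co.za
ldap_tls_cacertdir = /etc/openldap/cacerts
"""
# slapd.conf directives the server needs before it can answer StartTLS.
SERVER_TLS = ("tlscertificatefile", "tlscertificatekeyfile")


def slapd_directives(text):
    """Return {lower-cased directive: argument string} for a slapd.conf."""
    found = {}
    for line in text.splitlines():
        # Skip blanks, comments, and continuation lines (leading whitespace).
        if not line.strip() or line[0] in "# \t":
            continue
        parts = line.split(None, 1)
        found[parts[0].lower()] = parts[1].strip() if len(parts) == 2 else ""
    return found


def audit(slapd_text, sssd_text):
    """List mismatches between an SSSD LDAP client and a slapd.conf server."""
    server = slapd_directives(slapd_text)
    client = configparser.ConfigParser(interpolation=None)
    client.read_string(sssd_text)
    findings = []
    for section in client.sections():
        if not section.startswith("domain/"):
            continue
        dom = client[section]
        # StartTLS applies to a plain ldap:// URI with the option switched on.
        starttls = (dom.get("ldap_uri", "").startswith("ldap://")
                    and dom.getboolean("ldap_id_use_start_tls", fallback=False))
        missing = [d for d in SERVER_TLS if d not in server]
        if starttls and missing:
            findings.append((section, "starttls-needs-server-cert", missing))
    pw = server.get("rootpw", "")
    if pw and not pw.startswith("{"):  # hashed values start with a {SCHEME} tag
        findings.append(("slapd.conf", "cleartext-rootpw", []))
    return findings
```
</pre>
    A clean result only means the file carries the directives; it does not show that slapd loaded that file or that the certificate is valid.<br>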
  </body>
</html>