<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=ISO-8859-1">
</head>
<body bgcolor="#FFFFFF" text="#000000">
Hi.<br>
<br>
I am using rhel 6.3, with sssd-1.8.0 and openldap-servers-2.4.23-26,
the kernel is 2.6.32-279.2.1.el6.x86_64.<br>
The problem I'm having is I get this error message in messages file.<br>
<br>
"sssd[be[default]]: Could not start TLS encryption. TLS error
-5938:Encountered end of file"<br>
Errors I saw in sssd_default.log<br>
<br>
When I add new users I cannot log in with the new names, a ldapseach
shows them but getent passwd nothing.<br>
Not all the users show up on my other machines, only some.<br>
<br>
Any help will be appreciated.<br>
<br>
<br>
<big>My slapd.conf file looks like this.</big><br>
<br>
<i>include /etc/openldap/schema/corba.schema<br>
include /etc/openldap/schema/core.schema<br>
include /etc/openldap/schema/cosine.schema<br>
include /etc/openldap/schema/duaconf.schema<br>
include /etc/openldap/schema/dyngroup.schema<br>
include /etc/openldap/schema/inetorgperson.schema<br>
include /etc/openldap/schema/java.schema<br>
include /etc/openldap/schema/misc.schema<br>
include /etc/openldap/schema/nis.schema<br>
include /etc/openldap/schema/openldap.schema<br>
include /etc/openldap/schema/ppolicy.schema<br>
include /etc/openldap/schema/collective.schema<br>
<br>
allow bind_v2<br>
<br>
pidfile /var/run/openldap/slapd.pid<br>
argsfile /var/run/openldap/slapd.args<br>
<br>
database bdb<br>
suffix "dc=flamengro,dc=com"<br>
checkpoint 1024 15<br>
rootdn "cn=Manager,dc=flamengro,dc=com"<br>
<br>
rootpw secret<br>
<br>
directory /var/lib/ldap/flamengro<br>
<br>
index objectClass eq,pres<br>
index ou,cn,mail,surname,givenname eq,pres,sub<br>
index uidNumber,gidNumber,loginShell eq,pres<br>
index uid,memberUid eq,pres,sub<br>
index nisMapName,nisMapEntry eq,pres,sub<br>
<br>
database monitoraccess to *<br>
by dn.exact="cn=Manager,dc=flamengro,dc=com" read<br>
by * none<br>
access to attrs=userPassword,shadowLastChange<br>
by anonymous auth<br>
by self write<br>
by * none</i><br>
<br>
<big>My sssd.conf file looks like this</big><br>
<i><br>
[sssd]<br>
config_file_version = 2<br>
<br>
reconnection_retries = 3<br>
<br>
sbus_timeout = 30<br>
services = nss, pam<br>
<br>
domains = default<br>
<br>
[nss]<br>
filter_groups = root<br>
filter_users = root<br>
reconnection_retries = 3<br>
<br>
[pam]<br>
reconnection_retries = 3<br>
<br>
[domain/default]<br>
auth_provider = ldap<br>
cache_credentials = True<br>
ldap_id_use_start_tls = True<br>
debug_level = 9<br>
ldap_search_base = dc=flamengro,dc=com<br>
# krb5_realm = EXAMPLE.COM<br>
chpass_provider = ldap<br>
id_provider = ldap<br>
ldap_uri = <a class="moz-txt-link-freetext" href="ldap://ibm-01.flamengro.co.za">ldap://ibm-01.flamengro.co.za</a><br>
# krb5_kdcip = kerberos.example.com<br>
ldap_tls_cacertdir = /etc/openldap/cacerts<br>
enumerate = True<br>
ldap_sasl_canonicalize = true<br>
# krb5_server = kerberos.example.com<br>
<br>
<br>
<br>
</i><br>
<br>
<br>
<br>
<br>
<br>
</body>
</html>