No, it's a bug in SSSD.
6.6 is already quite old in SSSD terms, could you please try a newer
version from this COPR repo?
1.12.5 is more-or-less equivalent to what 6.7 will include..
Thanks! I installed that version, and now I get a different error: (Wed Jun 24 20:21:26 2015) [sssd[be[AD.EXAMPLE.COM]]] [sasl_bind_send] (0x0100): Executing sasl bind mech: gssapi, user: MACHINE$ (Wed Jun 24 20:21:26 2015) [sssd[be[AD.EXAMPLE.COM]]] [sasl_bind_send] (0x0020): ldap_sasl_bind failed (-2)[Local error] (Wed Jun 24 20:21:26 2015) [sssd[be[AD.EXAMPLE.COM]]] [sasl_bind_send] (0x0080): Extended failure message: [SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (Server not found in Kerberos database)] (Wed Jun 24 20:21:26 2015) [sssd[be[AD.EXAMPLE.COM]]] [child_sig_handler] (0x1000): Waiting for child [22372]. (Wed Jun 24 20:21:26 2015) [sssd[be[AD.EXAMPLE.COM]]] [child_sig_handler] (0x0100): child [22372] finished successfully. (Wed Jun 24 20:21:26 2015) [sssd[be[AD.EXAMPLE.COM]]] [fo_set_port_status] (0x0100): Marking port 389 of server 'foo-ad02.a.foo.com' as 'not working'
(I hope this gets threaded properly, I didn't get the reply to my mailbox, but read your answer on the archive web)
Best regards, Carl
sssd-users@lists.fedorahosted.org