I have sssd 1.11.6 installed and without ldap_id_mapping=false everything works great.
If I want to use POSIX attributes and I do sssd fails:
(Thu Feb 12 12:46:27 2015) [sssd[be[corp.clima-tech.com]]] [load_backend_module] (0x0010): Error (5) in module (ad) initialization (sssm_ad_id_init)!
(Thu Feb 12 12:46:27 2015) [sssd[be[corp.clima-tech.com]]] [be_process_init] (0x0010): fatal error initializing data providers
(Thu Feb 12 12:46:27 2015) [sssd[be[corp.clima-tech.com]]] [main] (0x0010): Could not initialize backend [5]
[sssd]
services = nss, pam
config_file_version = 2
domains = corp.clima-tech.com
[nss]
[pam]
[domain/corp.clima-tech.com]
# Using id_provider=ad sets the best defaults on its own
id_provider = ad
# In sssd, the default access provider is always 'permit'. The AD access
# provider by default checks for account expiration
access_provider = ad
# Uncomment to use POSIX attributes on the server
ldap_id_mapping=False
# location of the keytab
krb5_keytab=/etc/krb5.sssd.keytab
#ldap_referrals = false
Wbinfo properly returns the posix attributes.
Wayne Andersen
On Thu, Feb 12, 2015 at 01:12:52PM -0700, Wayne Andersen wrote:
I have sssd 1.11.6 installed and without ldap_id_mapping=false everything works great.
If I want to use POSIX attributes and I do sssd fails:
(Thu Feb 12 12:46:27 2015) [sssd[be[corp.clima-tech.com]]] [load_backend_module] (0x0010): Error (5) in module (ad) initialization (sssm_ad_id_init)!
(Thu Feb 12 12:46:27 2015) [sssd[be[corp.clima-tech.com]]] [be_process_init] (0x0010): fatal error initializing data providers
(Thu Feb 12 12:46:27 2015) [sssd[be[corp.clima-tech.com]]] [main] (0x0010): Could not initialize backend [5]
Does it help to remove the cache (rm -f /var/lib/sss/db/cache_*.ldb)
If not, can you raise debug_level, restart SSSD and paste more context from the logs?
sssd-users@lists.fedorahosted.org