I'm trying to get sssd-ad working on FreeBSD 10 and am stymied by either getting SASL working or sssd coredumping. Any idea how to solve either of these problems, properly?
I've tried following the suggestion here: http://serverfault.com/a/633808/2101
but it's just made it worse - now sssd can't even start up.
My sssd.conf is:
Code:
==> /var/log/sssd/sssd_ad.smurf.net.log <==
(Tue Mar 24 21:31:49 2015) [sssd[be[ad.smurf.net]]] [sdap_cli_auth_step] (0x0100): expire timeout is 900
(Tue Mar 24 21:31:49 2015) [sssd[be[ad.smurf.net]]] [sasl_bind_send] (0x0100): Executing sasl bind mech: GSSAPI, user: gump$
(Tue Mar 24 21:31:49 2015) [sssd[be[ad.smurf.net]]] [sasl_bind_send] (0x0020): ldap_sasl_bind failed (-12)[Not Supported]
(Tue Mar 24 21:31:49 2015) [sssd[be[ad.smurf.net]]] [sasl_bind_send] (0x0080): Extended failure message: [unknown error]
(Tue Mar 24 21:31:49 2015) [sssd[be[ad.smurf.net]]] [child_sig_handler] (0x0100): child [50086] finished successfully.
(Tue Mar 24 21:31:49 2015) [sssd[be[ad.smurf.net]]] [fo_set_port_status] (0x0100): Marking port 389 of server 'ad2.ad.smurf.net' as 'not working'
(Tue Mar 24 21:31:49 2015) [sssd[be[ad.smurf.net]]] [be_run_offline_cb] (0x0080): Going offline. Running callbacks.
(Tue Mar 24 21:31:49 2015) [sssd[be[ad.smurf.net]]] [be_client_init] (0x0100): Set-up Backend ID timeout [0x806421f20]
(Tue Mar 24 21:31:49 2015) [sssd[be[ad.smurf.net]]] [be_client_init] (0x0100): Set-up Backend ID timeout [0x806422160]
(Tue Mar 24 21:31:49 2015) [sssd[be[ad.smurf.net]]] [client_registration] (0x0100): Cancel DP ID timeout [0x806422160]
(Tue Mar 24 21:31:49 2015) [sssd[be[ad.smurf.net]]] [client_registration] (0x0100): Added Frontend client [PAM]
(Tue Mar 24 21:31:49 2015) [sssd[be[ad.smurf.net]]] [client_registration] (0x0100): Cancel DP ID timeout [0x806421f20]
(Tue Mar 24 21:31:49 2015) [sssd[be[ad.smurf.net]]] [client_registration] (0x0100): Added Frontend client [NSS]but it's just made it worse - now sssd can't even start up.
Code:
==> /var/log/sssd/sssd_ad.smurf.net.log <==
(Tue Mar 24 21:53:38 2015) [sssd[be[ad.smurf.net]]] [be_res_get_opts] (0x0100): Lookup order: ipv4_first
(Tue Mar 24 21:53:38 2015) [sssd[be[ad.smurf.net]]] [recreate_ares_channel] (0x0100): Initializing new c-ares channel
(Tue Mar 24 21:53:38 2015) [sssd[be[ad.smurf.net]]] [monitor_common_send_id] (0x0100): Sending ID: (%BE_ad.smurf.net,1)
(Tue Mar 24 21:53:38 2015) [sssd[be[ad.smurf.net]]] [sss_names_init_from_args] (0x0100): Using re [(((?P<domain>[^\\]+)\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?P<name>[^@\\]+)$))].
(Tue Mar 24 21:53:38 2015) [sssd[be[ad.smurf.net]]] [sss_fqnames_init] (0x0100): Using fq format [%1$s@%2$s].
(Tue Mar 24 21:53:38 2015) [sssd[be[ad.smurf.net]]] [sss_fqnames_init] (0x0100): Found the pattern for domain name
==> /var/log/sssd/sssd.log <==
(Tue Mar 24 21:53:38 2015) [sssd] [mt_svc_exit_handler] (0x0010): Process [ad.smurf.net], definitely stopped!
==> /var/log/messages <==
Mar 24 21:53:38 gump root: /usr/local/etc/rc.d/sssd: WARNING: failed to start sssd
Mar 24 21:53:38 gump kernel: pid 10289 (sssd_be), uid 0: exited on signal 11 (core dumped)
Code:
[sssd]
services = nss, pam
config_file_version = 2
domains = ad.smurf.net
default_domain_suffix = ad.smurf.net
[nss]
[pam]
[domain/ad.smurf.net]
debug_level = 4
enumerate = true
cache_credentials = true
ldap_id_mapping = false
ldap_schema = ad
id_provider = ad
auth_provider = ad
access_provider = ad
chpass_provider = ad
default_shell = /usr/local/bin/bash
fallback_homedir = /home/%u