
Re: sssd can't find sudo users



I figured this out. Found this in slapd's log:

Feb 20 23:27:19 baneling slapd[22588]: conn=1058 op=0 BIND dn="" method=128
Feb 20 23:27:19 baneling slapd[22588]: conn=1058 op=0 RESULT tag=97 err=0 text=
Feb 20 23:27:19 baneling slapd[22588]: conn=1058 op=1 SRCH base="ou=SUDOers,dc=harmonywave,dc=com" scope=2 deref=0 filter="(&(objectClass=sudoRole)(cn=defaults))"
Feb 20 23:27:19 baneling slapd[22588]: conn=1058 op=1 SEARCH RESULT tag=101 err=13 nentries=0 text=TLS confidentiality required
Feb 20 23:27:19 baneling slapd[22588]: conn=1058 op=2 SRCH base="ou=SUDOers,dc=harmonywave,dc=com" scope=2 deref=0 filter="(&(objectClass=sudoRole)(|(sudoUser=jschaeffer)(sudoUser=%jschaeffer)(sudoUser=%#5000)(sudoUser=%administrator)(sudoUser=%sftp-users)(sudoUser=%wheel)(sudoUser=%#4000)(sudoUser=%#4001)(sudoUser=%#4002)(sudoUser=ALL)))"
Feb 20 23:27:19 baneling slapd[22588]: conn=1058 op=2 SEARCH RESULT tag=101 err=13 nentries=0 text=TLS confidentiality required
Feb 20 23:27:19 baneling slapd[22588]: conn=1058 op=3 SRCH base="ou=SUDOers,dc=harmonywave,dc=com" scope=2 deref=0 filter="(&(objectClass=sudoRole)(sudoUser=*)(sudoUser=+*))"
Feb 20 23:27:19 baneling slapd[22588]: conn=1058 op=3 SEARCH RESULT tag=101 err=13 nentries=0 text=TLS confidentiality required

I didn't have my /etc/ldap/ldap.conf file using start_tls so it wouldn't connect with TLS. I updated the URI parameter in the file to:

URI			ldap://baneling.harmonywave.com/????starttls

And it works now.

Thanks,
Joshua
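
The diagnosis above, as an added example that is not part of the original post: a Python sketch that pairs each SRCH in a slapd log with its result and lists the searches the server refused with err=13 (LDAP confidentialityRequired). The conn=1058 lines are quoted from the post; the conn=1059 lines and all function names are constructed for illustration.

```python
import re
from collections import defaultdict

# conn=1058 lines are quoted from the post; conn=1059 lines are constructed.
SAMPLE_LOG = """\
Feb 20 23:27:19 baneling slapd[22588]: conn=1058 op=0 BIND dn="" method=128
Feb 20 23:27:19 baneling slapd[22588]: conn=1058 op=0 RESULT tag=97 err=0 text=
Feb 20 23:27:19 baneling slapd[22588]: conn=1058 op=1 SRCH base="ou=SUDOers,dc=harmonywave,dc=com" scope=2 deref=0 filter="(&(objectClass=sudoRole)(cn=defaults))"
Feb 20 23:27:19 baneling slapd[22588]: conn=1058 op=1 SEARCH RESULT tag=101 err=13 nentries=0 text=TLS confidentiality required
Feb 20 23:27:19 baneling slapd[22588]: conn=1058 op=3 SRCH base="ou=SUDOers,dc=harmonywave,dc=com" scope=2 deref=0 filter="(&(objectClass=sudoRole)(sudoUser=*)(sudoUser=+*))"
Feb 20 23:27:19 baneling slapd[22588]: conn=1058 op=3 SEARCH RESULT tag=101 err=13 nentries=0 text=TLS confidentiality required
Feb 20 23:27:20 baneling slapd[22588]: conn=1059 op=1 SRCH base="ou=SUDOers,dc=harmonywave,dc=com" scope=2 deref=0 filter="(objectClass=sudoRole)"
Feb 20 23:27:20 baneling slapd[22588]: conn=1059 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text=
"""

LINE_RE = re.compile(r"slapd\[\d+\]: conn=(\d+) op=(\d+) (.*)$")
SRCH_RE = re.compile(r'^SRCH base="([^"]*)".*filter="(.*)"$')
RESULT_RE = re.compile(r"^(?:SEARCH )?RESULT tag=\d+ err=(\d+)(?: nentries=\d+)? text=(.*)$")
CONFIDENTIALITY_REQUIRED = 13  # LDAP result code confidentialityRequired

def find_rejected_searches(log_text):
    """Return {conn: [search, ...]} for searches refused with err=13."""
    pending = {}                  # (conn, op) -> (base, filter) awaiting a result
    anonymous = set()             # connections that bound with an empty DN
    rejected = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE_RE.search(line.rstrip())
        if not m:
            continue
        conn, op, rest = int(m.group(1)), int(m.group(2)), m.group(3)
        if rest.startswith('BIND dn=""'):
            anonymous.add(conn)
        elif (s := SRCH_RE.match(rest)):
            pending[(conn, op)] = s.groups()
        elif (r := RESULT_RE.match(rest)):
            search = pending.pop((conn, op), None)
            if search and int(r.group(1)) == CONFIDENTIALITY_REQUIRED:
                rejected[conn].append({
                    "op": op, "base": search[0], "filter": search[1],
                    "text": r.group(2), "anonymous": conn in anonymous,
                })
    return dict(rejected)

if __name__ == "__main__":
    for conn, hits in find_rejected_searches(SAMPLE_LOG).items():
        for h in hits:
            print(f"conn={conn} op={h['op']} refused: {h['text']} base={h['base']}")
```
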

