Hello --
We are running CentOS 7.2 on a virtual machine, and we are trying to set up LDAP authentication. The ldap packages that are currently installed on the system are the following:
python-sss 1.13.0-40.el7_2.4
python-sssdconfig 1.13.0-40.el7_2.4
sssd 1.13.0-40.el7_2.4
sssd-ad 1.13.0-40.el7_2.4
sssd-client 1.13.0-40.el7_2.4
sssd-common 1.13.0-40.el7_2.4
sssd-common-pac 1.13.0-40.el7_2.4
sssd-dbus 1.13.0-40.el7_2.4
sssd-ipa 1.13.0-40.el7_2.4
sssd-krb5 1.13.0-40.el7_2.4
sssd-krb5-common 1.13.0-40.el7_2.4
sssd-ldap 1.13.0-40.el7_2.4
sssd-libwbclient 1.13.0-40.el7_2.4
sssd-libwbclient-devel 1.13.0-40.el7_2.4
sssd-proxy 1.13.0-40.el7_2.4
sssd-tools 1.13.0-40.el7_2.4
I ran the following commands to set up LDAP/AD authentication:
# ln -s /bin/bash /bin/PHSshell
# ln -s /home /PHShome
# authconfig --enablesssdauth --enablemkhomedir --enablesssd --update
# chkconfig sssd on
# service sssd restart
Initially, I ran into problems because I had not created an sssd.conf file. Eventually I did create one, and its contents are the following:
[<domain>.org]
enumate = true
cache_credentials = TRUE

id_provider = ldap
auth_provider = ldap
chpass_provider = ldap

ldap_uri = ldap://ldap.<domain>.org
ldap_search_base = dc=<domain>,dc=org
tls_reqcert = demand
ldap_tls_cacert /etc/pki/tls/certs/ca-bundle.crt
If there are any additions or corrections that I need to make, please let me know.
I reran the service sssd restart command, and the error message that I am seeing via journalctl -xe is the following:
Unit sssd.service has begun starting up.
Jun 22 16:05:34 roadtest2.partners.org sssd[6384]: SSSD couldn't load the configuration database [5]: Input/output error.
Jun 22 16:05:34 roadtest2.partners.org systemd[1]: sssd.service: control process exited, code=exited status=4
Jun 22 16:05:34 roadtest2.partners.org systemd[1]: Failed to start System Security Services Daemon.
-- Subject: Unit sssd.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit sssd.service has failed.
--
-- The result is failed.
Jun 22 16:05:34 roadtest2.partners.org systemd[1]: Unit sssd.service entered failed state.
Jun 22 16:05:34 roadtest2.partners.org systemd[1]: sssd.service failed.
Jun 22 16:05:34 roadtest2.partners.org polkitd[787]: Unregistered Authentication Agent for unix-process:6369:52587318 (system bus name :1.2287, object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8) (disconnected from bus)
Any ideas?
On 06/23/2016 05:23 AM, Kaplan, Andrew H. wrote:
> We are running CentOS 7.2 on a virtual machine, and we are trying to set up LDAP authentication.
In an AD environment, it's important to point out that you typically can't do "ldap authentication". You can, but you'll need a service account to do it, and none of the work you've described so far indicates that you've set one up.
Instead of thinking about AD as LDAP, consider it a set of services that should be used together. Technically, you'll use LDAP for identity and Kerberos for authentication, but you should think of AD as providing both identity and authentication.
The easy way to use AD is to use the realm tool to set up integration: https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/htm...
The details of setting up AD manually are described in excruciating detail here: https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/pdf...
If you use realmd, you should not need to edit sssd.conf at all. If you decide to do things manually, I'd still recommend providing the complete configuration description to "authconfig" and allowing it to write sssd.conf for you.
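For anyone who does maintain sssd.conf by hand, a small pre-flight check run over the file posted in the first message, as an added example (not part of the thread and not SSSD's own tooling). It flags key lines with no '=', a missing [sssd] section, sections not named [domain/NAME], and near-miss option spellings. The function names are hypothetical, KNOWN is a short list limited to the options in this thread, and example.org is a constructed stand-in for the elided domain.

```python
import configparser, difflib, os, stat

# Options seen in this thread, spelled as in sssd.conf(5) and sssd-ldap(5); extend as needed.
KNOWN = ["enumerate", "cache_credentials", "id_provider", "auth_provider",
         "chpass_provider", "ldap_uri", "ldap_search_base",
         "ldap_tls_reqcert", "ldap_tls_cacert"]
SERVICES = {"sssd", "nss", "pam", "sudo", "autofs", "ssh", "pac", "ifp"}

def lint_text(text):
    """Return a list of findings for an sssd.conf passed as a string."""
    findings, kept = [], []
    for n, line in enumerate(text.splitlines(), 1):
        s = line.strip()
        if s and s[0] not in "#;[" and "=" not in s:
            findings.append(f"line {n}: no '=' after {s.split()[0]!r}")
            continue  # drop the line so the rest still parses
        kept.append(line)
    cp = configparser.RawConfigParser(delimiters=("=",))
    cp.read_string("\n".join(kept))
    if not cp.has_section("sssd"):
        findings.append("no [sssd] section")
    elif not cp.has_option("sssd", "domains"):
        findings.append("[sssd] has no 'domains' option")
    for sec in (s for s in cp.sections() if s not in SERVICES):
        if not sec.startswith("domain/"):
            findings.append(f"[{sec}] is not a [domain/NAME] section")
        for key in cp.options(sec):
            hint = difflib.get_close_matches(key, KNOWN, n=1)
            if key not in KNOWN and hint:  # near miss, probably a typo
                findings.append(f"[{sec}] {key!r}: did you mean {hint[0]!r}?")
    return findings

def lint_file_mode(path):
    """sssd.conf(5): the file must be owned by root with mode 0600."""
    st, out = os.stat(path), []
    if st.st_uid != 0:
        out.append(f"owner uid is {st.st_uid}, expected 0")
    if stat.S_IMODE(st.st_mode) != 0o600:
        out.append(f"mode is {stat.S_IMODE(st.st_mode):04o}, expected 0600")
    return out

# The posted file; example.org is a constructed stand-in for the elided domain.
POSTED = "\n".join([
    "[example.org]", "enumate = true", "cache_credentials = TRUE",
    "id_provider = ldap", "auth_provider = ldap", "chpass_provider = ldap",
    "ldap_uri = ldap://ldap.example.org", "ldap_search_base = dc=example,dc=org",
    "tls_reqcert = demand", "ldap_tls_cacert /etc/pki/tls/certs/ca-bundle.crt"])
if __name__ == "__main__":
    print("\n".join(lint_text(POSTED)))
```

lint_file_mode takes the path of the real file, normally /etc/sssd/sssd.conf, and is not called in the demo run because it needs that file to exist.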