[CentOS] sssd.conf file missing
Kaplan, Andrew H.
AHKAPLAN at PARTNERS.ORG
Thu Jun 23 12:23:22 UTC 2016
We are running CentOS 7.2 on a virtual machine, and we are trying to set up LDAP authentication. The ldap packages that are currently installed on the system are the following:
I ran the following commands to set up LDAP/AD authentication:
# ln -s /bin/bash /bin/PHSshell
# ln -s /home /PHShome
# authconfig --enablesssdauth --enablemkhomedir --enablesssd -update
# chkconfig sssd on
# service sssd restart
Initially, I ran into problems because I had not created an sssd.conf file. Eventually I did create one, and its contents are the following:
enumate = true
cache_credentials = TRUE
id_provider = ldap
auth_provider = ldap
chpass_provider = ldap
ldap_uri = ldap://ldap.<domain>.org
ldap_search_base = dc=<domain>,dc=org
tls_reqcert = demand
If there are any additions or corrections that I need to make, please let me know.
I reran the service sssd restart command, and the error message that I am seeing via journalctl -xe is the following:
Unit sssd.service has begun starting up.
Jun 22 16:05:34 roadtest2.partners.org sssd: SSSD couldn't load the configuration database : Input/output error.
Jun 22 16:05:34 roadtest2.partners.org systemd: sssd.service: control process exited, code=exited status=4
Jun 22 16:05:34 roadtest2.partners.org systemd: Failed to start System Security Services Daemon.
-- Subject: Unit sssd.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman.../systemd-devel<http://lists.freedesktop.org/mailman/listinfo/systemd-devel>
-- Unit sssd.service has failed.
-- The result is failed.
Jun 22 16:05:34 roadtest2.partners.org systemd: Unit sssd.service entered failed state.
Jun 22 16:05:34 roadtest2.partners.org systemd: sssd.service failed.
Jun 22 16:05:34 roadtest2.partners.org polkitd: Unregistered Authentication Agent for unix-process:6369:52587318 (system bus name :1.2287,
object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8) (disconnected from bus)
The information in this e-mail is intended only for the person to whom it is
addressed. If you believe this e-mail was sent to you in error and the e-mail
contains patient information, please contact the Partners Compliance HelpLine at
http://www.partners.org/complianceline . If the e-mail was sent to you in error
but does not contain patient information, please contact the sender and properly
dispose of the e-mail.
More information about the CentOS