[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Openldap and sssd: getting slapd to do TLS negotiation or getting sssd to NOT do TLS negotiation



At Thu, 28 Sep 2017 22:21:51 -0400 Douglas Duckworth <dod2014@med.cornell.edu> wrote:

> 
> 
> 
> SSSD should be configured to bind TLS with ldap:389 not ldaps:636.
> Increase SSSD log verbosity to get more information.  I have also found
> that slapd logging can help determine bind issues.

Slapd is just loging a TLS negotiation failure and I don't know how to get 
slapd to be more specific.

â?? slapd.service - OpenLDAP Server Daemon
   Loaded: loaded (/usr/lib/systemd/system/slapd.service; enabled; vendor preset: disabled)
   Active: active (running) since Fri 2017-09-29 10:45:02 EDT; 12min ago
     Docs: man:slapd
           man:slapd-config
           man:slapd-hdb
           man:slapd-mdb
           file:///usr/share/doc/openldap-servers/guide.html
  Process: 20310 ExecStart=/usr/sbin/slapd -u ldap -h ${SLAPD_URLS} $SLAPD_OPTIONS (code=exited, status=0/SUCCESS)
  Process: 20271 ExecStartPre=/usr/libexec/openldap/check-config.sh (code=exited, status=0/SUCCESS)
 Main PID: 20312 (slapd)
   CGroup: /system.slice/slapd.service
           â??â??20312 /usr/sbin/slapd -u ldap -h ldapi:/// ldap://127.0.0.1/ ldap://192.168.250.98/ ldaps:/// -s 30

Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]:  13r
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: 
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: read active on 13
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=9 active_threads=0 tvp=NULL
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=10 active_threads=0 tvp=NULL
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=11 active_threads=0 tvp=NULL
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: connection_get(13)
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: activity on 1 descriptor
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: activity on:
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: 
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=9 active_threads=0 tvp=NULL
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=10 active_threads=0 tvp=NULL
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=11 active_threads=0 tvp=NULL
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: activity on 2 descriptors
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: activity on:
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]:  13r
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: 
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: read active on 13
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=9 busy
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=10 active_threads=0 tvp=NULL
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=11 active_threads=0 tvp=NULL
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: connection_get(13)
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: connection_closing: readying conn=1010 sd=13 for close
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: removing 13
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: conn=1010 fd=13 closed (TLS negotiation failure)
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: listen=9, new connection on 13
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: added 13r (active) listener=(nil)
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: conn=1011 fd=13 ACCEPT from IP=192.168.250.98:47692 (IP=192.168.250.98:389)
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: activity on 2 descriptors
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: activity on:
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]:  13r
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: 
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: read active on 13
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=9 active_threads=0 tvp=NULL
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=10 active_threads=0 tvp=NULL
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=11 active_threads=0 tvp=NULL
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: connection_get(13)
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: conn=1011 op=0 EXT oid=1.3.6.1.4.1.1466.20037
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: do_extended: oid=1.3.6.1.4.1.1466.20037
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: conn=1011 op=0 STARTTLS
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: conn=1011 op=0 RESULT oid= err=0 text=
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: activity on 1 descriptor
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: activity on:
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: 
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=9 active_threads=0 tvp=NULL
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=10 active_threads=0 tvp=NULL
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=11 active_threads=0 tvp=NULL
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: activity on 1 descriptor
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: activity on:
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]:  13r
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: 
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: read active on 13
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=9 active_threads=0 tvp=NULL
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=10 active_threads=0 tvp=NULL
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=11 active_threads=0 tvp=NULL
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: connection_get(13)
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: activity on 1 descriptor
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: activity on:
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: 
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=9 active_threads=0 tvp=NULL
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=10 active_threads=0 tvp=NULL
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=11 active_threads=0 tvp=NULL
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: activity on 1 descriptor
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: activity on:
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]:  13r
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: 
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: read active on 13
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=9 active_threads=0 tvp=NULL
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=10 active_threads=0 tvp=NULL
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=11 active_threads=0 tvp=NULL
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: connection_get(13)
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: connection_closing: readying conn=1011 sd=13 for close
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: removing 13
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: conn=1011 fd=13 closed (TLS negotiation failure)
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: activity on 1 descriptor
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: activity on:
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: 
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=9 active_threads=0 tvp=NULL
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=10 active_threads=0 tvp=NULL
Sep 29 10:52:31 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=11 active_threads=0 tvp=NULL
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: activity on 1 descriptor
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: activity on:
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: 
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=9 busy
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=10 active_threads=0 tvp=NULL
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=11 active_threads=0 tvp=NULL
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: listen=9, new connection on 13
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: added 13r (active) listener=(nil)
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: conn=1012 fd=13 ACCEPT from IP=192.168.250.98:47694 (IP=192.168.250.98:389)
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: activity on 2 descriptors
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: activity on:
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]:  13r
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: 
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: read active on 13
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=9 active_threads=0 tvp=NULL
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=10 active_threads=0 tvp=NULL
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=11 active_threads=0 tvp=NULL
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: connection_get(13)
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: conn=1012 op=0 EXT oid=1.3.6.1.4.1.1466.20037
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: do_extended: oid=1.3.6.1.4.1.1466.20037
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: conn=1012 op=0 STARTTLS
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: conn=1012 op=0 RESULT oid= err=0 text=
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: activity on 1 descriptor
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: activity on:
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: 
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=9 active_threads=0 tvp=NULL
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=10 active_threads=0 tvp=NULL
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=11 active_threads=0 tvp=NULL
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: activity on 1 descriptor
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: activity on:
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]:  13r
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: 
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: read active on 13
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=9 active_threads=0 tvp=NULL
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=10 active_threads=0 tvp=NULL
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=11 active_threads=0 tvp=NULL
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: connection_get(13)
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: activity on 1 descriptor
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: activity on:
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: 
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=9 active_threads=0 tvp=NULL
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=10 active_threads=0 tvp=NULL
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=11 active_threads=0 tvp=NULL
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: activity on 2 descriptors
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: activity on:
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]:  13r
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: 
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: read active on 13
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=9 busy
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=10 active_threads=0 tvp=NULL
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=11 active_threads=0 tvp=NULL
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: connection_get(13)
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: connection_closing: readying conn=1012 sd=13 for close
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: removing 13
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: conn=1012 fd=13 closed (TLS negotiation failure)
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: listen=9, new connection on 13
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: added 13r (active) listener=(nil)
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: conn=1013 fd=13 ACCEPT from IP=192.168.250.98:47696 (IP=192.168.250.98:389)
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: activity on 2 descriptors
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: activity on:
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]:  13r
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: 
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: read active on 13
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=9 active_threads=0 tvp=NULL
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=10 active_threads=0 tvp=NULL
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=11 active_threads=0 tvp=NULL
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: connection_get(13)
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: conn=1013 op=0 EXT oid=1.3.6.1.4.1.1466.20037
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: do_extended: oid=1.3.6.1.4.1.1466.20037
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: conn=1013 op=0 STARTTLS
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: conn=1013 op=0 RESULT oid= err=0 text=
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: activity on 1 descriptor
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: activity on:
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: 
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=9 active_threads=0 tvp=NULL
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=10 active_threads=0 tvp=NULL
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=11 active_threads=0 tvp=NULL
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: activity on 1 descriptor
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: activity on:
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]:  13r
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: 
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: read active on 13
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=9 active_threads=0 tvp=NULL
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=10 active_threads=0 tvp=NULL
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=11 active_threads=0 tvp=NULL
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: connection_get(13)
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: activity on 1 descriptor
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: activity on:
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: 
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=9 active_threads=0 tvp=NULL
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=10 active_threads=0 tvp=NULL
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=11 active_threads=0 tvp=NULL
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: activity on 1 descriptor
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: activity on:
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]:  13r
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: 
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: read active on 13
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=9 active_threads=0 tvp=NULL
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=10 active_threads=0 tvp=NULL
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=11 active_threads=0 tvp=NULL
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: connection_get(13)
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: connection_closing: readying conn=1013 sd=13 for close
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: removing 13
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: conn=1013 fd=13 closed (TLS negotiation failure)
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: activity on 1 descriptor
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: activity on:
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: 
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=9 active_threads=0 tvp=NULL
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=10 active_threads=0 tvp=NULL
Sep 29 10:53:55 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=11 active_threads=0 tvp=NULL
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: activity on 1 descriptor
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: activity on:
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: 
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=9 busy
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=10 active_threads=0 tvp=NULL
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=11 active_threads=0 tvp=NULL
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: listen=9, new connection on 13
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: added 13r (active) listener=(nil)
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: conn=1014 fd=13 ACCEPT from IP=192.168.250.98:47698 (IP=192.168.250.98:389)
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: activity on 2 descriptors
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: activity on:
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]:  13r
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: 
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: read active on 13
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=9 active_threads=0 tvp=NULL
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=10 active_threads=0 tvp=NULL
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=11 active_threads=0 tvp=NULL
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: connection_get(13)
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: conn=1014 op=0 EXT oid=1.3.6.1.4.1.1466.20037
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: do_extended: oid=1.3.6.1.4.1.1466.20037
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: conn=1014 op=0 STARTTLS
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: conn=1014 op=0 RESULT oid= err=0 text=
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: activity on 1 descriptor
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: activity on:
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: 
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=9 active_threads=0 tvp=NULL
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=10 active_threads=0 tvp=NULL
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=11 active_threads=0 tvp=NULL
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: activity on 1 descriptor
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: activity on:
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]:  13r
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: 
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: read active on 13
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=9 active_threads=0 tvp=NULL
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=10 active_threads=0 tvp=NULL
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=11 active_threads=0 tvp=NULL
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: connection_get(13)
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: activity on 1 descriptor
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: activity on:
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: 
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=9 active_threads=0 tvp=NULL
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=10 active_threads=0 tvp=NULL
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=11 active_threads=0 tvp=NULL
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: activity on 2 descriptors
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: activity on:
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]:  13r
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: 
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: read active on 13
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=9 busy
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=10 active_threads=0 tvp=NULL
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=11 active_threads=0 tvp=NULL
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: connection_get(13)
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: connection_closing: readying conn=1014 sd=13 for close
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: removing 13
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: conn=1014 fd=13 closed (TLS negotiation failure)
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: listen=9, new connection on 13
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: added 13r (active) listener=(nil)
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: conn=1015 fd=13 ACCEPT from IP=192.168.250.98:47700 (IP=192.168.250.98:389)
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: activity on 2 descriptors
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: activity on:
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]:  13r
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: 
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: read active on 13
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=9 active_threads=0 tvp=NULL
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=10 active_threads=0 tvp=NULL
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=11 active_threads=0 tvp=NULL
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: connection_get(13)
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: conn=1015 op=0 EXT oid=1.3.6.1.4.1.1466.20037
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: do_extended: oid=1.3.6.1.4.1.1466.20037
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: conn=1015 op=0 STARTTLS
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: conn=1015 op=0 RESULT oid= err=0 text=
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: activity on 1 descriptor
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: activity on:
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: 
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=9 active_threads=0 tvp=NULL
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=10 active_threads=0 tvp=NULL
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=11 active_threads=0 tvp=NULL
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: activity on 1 descriptor
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: activity on:
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]:  13r
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: 
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: read active on 13
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=9 active_threads=0 tvp=NULL
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=10 active_threads=0 tvp=NULL
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=11 active_threads=0 tvp=NULL
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: connection_get(13)
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: activity on 1 descriptor
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: activity on:
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: 
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=9 active_threads=0 tvp=NULL
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=10 active_threads=0 tvp=NULL
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=11 active_threads=0 tvp=NULL
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: activity on 1 descriptor
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: activity on:
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]:  13r
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: 
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: read active on 13
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=9 active_threads=0 tvp=NULL
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=10 active_threads=0 tvp=NULL
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=11 active_threads=0 tvp=NULL
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: connection_get(13)
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: connection_closing: readying conn=1015 sd=13 for close
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: removing 13
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: conn=1015 fd=13 closed (TLS negotiation failure)
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: activity on 1 descriptor
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: activity on:
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: 
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=9 active_threads=0 tvp=NULL
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=10 active_threads=0 tvp=NULL
Sep 29 10:55:01 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=11 active_threads=0 tvp=NULL
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: activity on 1 descriptor
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: activity on:
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: 
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=9 busy
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=10 active_threads=0 tvp=NULL
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=11 active_threads=0 tvp=NULL
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: listen=9, new connection on 13
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: added 13r (active) listener=(nil)
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: conn=1016 fd=13 ACCEPT from IP=192.168.250.98:47702 (IP=192.168.250.98:389)
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: activity on 2 descriptors
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: activity on:
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]:  13r
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: 
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: read active on 13
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=9 active_threads=0 tvp=NULL
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=10 active_threads=0 tvp=NULL
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=11 active_threads=0 tvp=NULL
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: connection_get(13)
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: conn=1016 op=0 EXT oid=1.3.6.1.4.1.1466.20037
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: do_extended: oid=1.3.6.1.4.1.1466.20037
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: conn=1016 op=0 STARTTLS
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: conn=1016 op=0 RESULT oid= err=0 text=
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: activity on 1 descriptor
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: activity on:
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: 
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=9 active_threads=0 tvp=NULL
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=10 active_threads=0 tvp=NULL
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=11 active_threads=0 tvp=NULL
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: activity on 1 descriptor
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: activity on:
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]:  13r
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: 
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: read active on 13
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=9 active_threads=0 tvp=NULL
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=10 active_threads=0 tvp=NULL
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=11 active_threads=0 tvp=NULL
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: connection_get(13)
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: activity on 1 descriptor
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: activity on:
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: 
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=9 active_threads=0 tvp=NULL
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=10 active_threads=0 tvp=NULL
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=11 active_threads=0 tvp=NULL
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: activity on 2 descriptors
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: activity on:
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]:  13r
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: 
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: read active on 13
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=9 busy
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=10 active_threads=0 tvp=NULL
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=11 active_threads=0 tvp=NULL
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: connection_get(13)
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: connection_closing: readying conn=1016 sd=13 for close
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: removing 13
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: conn=1016 fd=13 closed (TLS negotiation failure)
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: listen=9, new connection on 13
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: added 13r (active) listener=(nil)
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: conn=1017 fd=13 ACCEPT from IP=192.168.250.98:47704 (IP=192.168.250.98:389)
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: activity on 2 descriptors
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: activity on:
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]:  13r
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: 
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: read active on 13
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=9 active_threads=0 tvp=NULL
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=10 active_threads=0 tvp=NULL
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=11 active_threads=0 tvp=NULL
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: connection_get(13)
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: conn=1017 op=0 EXT oid=1.3.6.1.4.1.1466.20037
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: do_extended: oid=1.3.6.1.4.1.1466.20037
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: conn=1017 op=0 STARTTLS
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: conn=1017 op=0 RESULT oid= err=0 text=
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: activity on 1 descriptor
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: activity on:
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: 
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=9 active_threads=0 tvp=NULL
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=10 active_threads=0 tvp=NULL
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=11 active_threads=0 tvp=NULL
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: activity on 1 descriptor
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: activity on:
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]:  13r
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: 
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: read active on 13
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=9 active_threads=0 tvp=NULL
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=10 active_threads=0 tvp=NULL
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=11 active_threads=0 tvp=NULL
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: connection_get(13)
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: activity on 1 descriptor
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: activity on:
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: 
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=9 active_threads=0 tvp=NULL
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=10 active_threads=0 tvp=NULL
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=11 active_threads=0 tvp=NULL
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: activity on 1 descriptor
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: activity on:
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]:  13r
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: 
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: read active on 13
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=9 active_threads=0 tvp=NULL
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=10 active_threads=0 tvp=NULL
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=11 active_threads=0 tvp=NULL
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: connection_get(13)
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: connection_closing: readying conn=1017 sd=13 for close
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: removing 13
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: conn=1017 fd=13 closed (TLS negotiation failure)
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: activity on 1 descriptor
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: activity on:
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: 
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=9 active_threads=0 tvp=NULL
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=10 active_threads=0 tvp=NULL
Sep 29 10:56:30 c764guest.deepsoft.com slapd[20312]: daemon: epoll: listen=11 active_threads=0 tvp=NULL


SSSD is just saying it is unable to get information from the provider (I'm 
guessing slapd).

I am just about to give up on SSSD.  As far as I can tell, it just does not 
work.  I don't think I really need SSSD for anything.  It sounds like 
nslcd/nss_pam_ldap will do what I need to do.  CentOS7 / RHEL7 comes with SSSD 
as the default, so somehow I need to get rid of it.  I actually installed 
nss_pam_ldap and it is in fact running, but I am guess it is not being used.

I guess I need to figure out the "magic" for authconfig to shove sssd out of 
the way....

> 
> How does one estalish their own CA that's trusted by other Root CA's?
> Perhaps try disabling verification of the chain then see if bind happens.
> 
> On Sep 28, 2017 9:14 PM, "Robert Heller" <heller@deepsoft.com> wrote:
> 
> > At Thu, 28 Sep 2017 16:08:42 -0700 Quanah Gibson-Mount <quanah@symas.com>
> > wrote:
> >
> > >
> > > --On Thursday, September 28, 2017 7:28 PM -0400 Robert Heller
> > > <heller@deepsoft.com> wrote:
> > >
> > > > At Thu, 28 Sep 2017 12:29:19 -0700 Quanah Gibson-Mount <
> > quanah@symas.com>
> > > > wrote:
> > > >
> > > >>
> > > >> --On Thursday, September 28, 2017 3:34 PM -0400 Robert Heller
> > > >> <heller@deepsoft.com> wrote:
> > > >>
> > > >>
> > > >> > Slapd is reporting TLS Negotiation failure when SSSD tries to
> > connect
> > > >> > to it.   For both port 389 (ldap:///) and 636 (ldaps:///).  So I
> > guess
> > > >> > something is  wrong with slapd's TLS configuration -- it is failing
> > to
> > > >> > do TLS Negotiation,  either it is just not doing it or it is doing
> > it
> > > >> > wrong (somehow).  Unless SSSD  is not configured properly.
> > > >>
> > > >> You need to start with the following:
> > > >>
> > > >> >> ldapwhoami -x -ZZ -H ldap://myhost:389 -D binddn -w
> > > >>
> > > >> to test startTLS
> > > >>
> > > >> and
> > > >>
> > > >> ldapwhoami -x -H ldaps://myhost:636 -D binddn -w
> > > >>
> > > >> to test without startTLS
> > > >>
> > > >> If you can get those to work, then you can move on to SSSD.
> > > >
> > > > [heller@c764guest ~]$ ldapwhoami -x -ZZ -H ldap://c764guest:389 -D
> > > > cn=Manager,dc=deepsoft,dc=com -W ldap_start_tls: Connect error (-11)
> > > >        additional info: TLS error -8157:Certificate extension not
> > found.
> > >
> > > This may be of help:
> > > <https://urldefense.proofpoint.com/v2/url?u=https-
> > 3A__serverfault.com_questions_640910_my-2Dcertificate-
> > 2Ddoesnt-2Dwork-2Don-2Dall-2Dmachines&d=DwIBAg&c=
> > lb62iw4YL4RFalcE2hQUQealT9-RXrryqt9KZX2qu2s&r=2Fzhh_78OGspKQpl_e-
> > CbhH6xUjnRkaqPFUS2wTJ2cw&m=fNmr-KFWiEhP0yGMfSAsdSa6NOnIS_lb6cSsPujmQZ8&s=
> > h0ZJ27HydY4c7iw8uXd-1iadz94M-ZzNGL7KMfOsi2w&e=>
> > >
> > > > [heller@c764guest ~]$ ldapwhoami -x -H ldaps://c764guest:636 -D
> > > > cn=Manager,dc=deepsoft,dc=com -W Enter LDAP Password:
> > > > ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)
> > >
> > > This may mean slapd isn't listening on port 636 (With no -d -1 info, hard
> > > to know for sure).  It may also simply be a different manifistation of
> > the
> > > error above.
> >
> > I added a -d option (picked 10), and discovered that it wanted the full
> > name
> > as specificed in the certificate. That fixed ldapwhoami and I put that in
> > ldap.conf, smb.conf, and in sssd.conf, but sssd is still not behaving
> > (samba
> > is though, mostly -- it might also be having issues since sssd is not
> > working)...
> >
> > >
> > > --Quanah
> > >
> > >
> > > --
> > >
> > > Quanah Gibson-Mount
> > > Product Architect
> > > Symas Corporation
> > > Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
> > > <https://urldefense.proofpoint.com/v2/url?u=http-
> > 3A__www.symas.com&d=DwIBAg&c=lb62iw4YL4RFalcE2hQUQealT9-
> > RXrryqt9KZX2qu2s&r=2Fzhh_78OGspKQpl_e-CbhH6xUjnRkaqPFUS2wTJ2cw&m=
> > fNmr-KFWiEhP0yGMfSAsdSa6NOnIS_lb6cSsPujmQZ8&s=4Jyip-
> > C583CeHTI2N1wXllUKzrjwwvY9tqyl3tZVq8w&e=>
> > >
> > >
> >
> > --
> > Robert Heller             -- 978-544-6933
> > Deepwoods Software        -- Custom Software Services
> > https://urldefense.proofpoint.com/v2/url?u=http-3A__www.
> > deepsoft.com_&d=DwIBAg&c=lb62iw4YL4RFalcE2hQUQealT9-
> > RXrryqt9KZX2qu2s&r=2Fzhh_78OGspKQpl_e-CbhH6xUjnRkaqPFUS2wTJ2cw&m=
> > fNmr-KFWiEhP0yGMfSAsdSa6NOnIS_lb6cSsPujmQZ8&s=hf9o7fTr6iLSDpsS6xK6nGDWhZo-
> > N7aXcKoRAXfrPUE&e=  -- Linux Administration Services
> > heller@deepsoft.com       -- Webhosting Services
> >
> >
> >
> 
>                                                                                          
> 

-- 
Robert Heller             -- 978-544-6933
Deepwoods Software        -- Custom Software Services
http://www.deepsoft.com/  -- Linux Administration Services
heller@deepsoft.com       -- Webhosting Services