# sssd-ad either coredumping or "ldap_sasl_bind failed (-12)"



## Supermathie (Mar 25, 2015)

I'm trying to get sssd-ad working on FreeBSD 10 and am stymied by either getting SASL working or sssd coredumping. Any idea how to solve either of these problems, properly?

```
==> /var/log/sssd/sssd_ad.smurf.net.log <==
(Tue Mar 24 21:31:49 2015) [sssd[be[ad.smurf.net]]] [sdap_cli_auth_step] (0x0100): expire timeout is 900
(Tue Mar 24 21:31:49 2015) [sssd[be[ad.smurf.net]]] [sasl_bind_send] (0x0100): Executing sasl bind mech: GSSAPI, user: gump$
(Tue Mar 24 21:31:49 2015) [sssd[be[ad.smurf.net]]] [sasl_bind_send] (0x0020): ldap_sasl_bind failed (-12)[Not Supported]
(Tue Mar 24 21:31:49 2015) [sssd[be[ad.smurf.net]]] [sasl_bind_send] (0x0080): Extended failure message: [unknown error]
(Tue Mar 24 21:31:49 2015) [sssd[be[ad.smurf.net]]] [child_sig_handler] (0x0100): child [50086] finished successfully.
(Tue Mar 24 21:31:49 2015) [sssd[be[ad.smurf.net]]] [fo_set_port_status] (0x0100): Marking port 389 of server 'ad2.ad.smurf.net' as 'not working'
(Tue Mar 24 21:31:49 2015) [sssd[be[ad.smurf.net]]] [be_run_offline_cb] (0x0080): Going offline. Running callbacks.
(Tue Mar 24 21:31:49 2015) [sssd[be[ad.smurf.net]]] [be_client_init] (0x0100): Set-up Backend ID timeout [0x806421f20]
(Tue Mar 24 21:31:49 2015) [sssd[be[ad.smurf.net]]] [be_client_init] (0x0100): Set-up Backend ID timeout [0x806422160]
(Tue Mar 24 21:31:49 2015) [sssd[be[ad.smurf.net]]] [client_registration] (0x0100): Cancel DP ID timeout [0x806422160]
(Tue Mar 24 21:31:49 2015) [sssd[be[ad.smurf.net]]] [client_registration] (0x0100): Added Frontend client [PAM]
(Tue Mar 24 21:31:49 2015) [sssd[be[ad.smurf.net]]] [client_registration] (0x0100): Cancel DP ID timeout [0x806421f20]
(Tue Mar 24 21:31:49 2015) [sssd[be[ad.smurf.net]]] [client_registration] (0x0100): Added Frontend client [NSS]
```
I've tried following the suggestion here: http://serverfault.com/a/633808/2101
but it's just made it worse - now sssd can't even start up.

```
==> /var/log/sssd/sssd_ad.smurf.net.log <==
(Tue Mar 24 21:53:38 2015) [sssd[be[ad.smurf.net]]] [be_res_get_opts] (0x0100): Lookup order: ipv4_first
(Tue Mar 24 21:53:38 2015) [sssd[be[ad.smurf.net]]] [recreate_ares_channel] (0x0100): Initializing new c-ares channel
(Tue Mar 24 21:53:38 2015) [sssd[be[ad.smurf.net]]] [monitor_common_send_id] (0x0100): Sending ID: (%BE_ad.smurf.net,1)
(Tue Mar 24 21:53:38 2015) [sssd[be[ad.smurf.net]]] [sss_names_init_from_args] (0x0100): Using re [(((?P<domain>[^\\]+)\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?P<name>[^@\\]+)$))].
(Tue Mar 24 21:53:38 2015) [sssd[be[ad.smurf.net]]] [sss_fqnames_init] (0x0100): Using fq format [%1$s@%2$s].
(Tue Mar 24 21:53:38 2015) [sssd[be[ad.smurf.net]]] [sss_fqnames_init] (0x0100): Found the pattern for domain name
==> /var/log/sssd/sssd.log <==
(Tue Mar 24 21:53:38 2015) [sssd] [mt_svc_exit_handler] (0x0010): Process [ad.smurf.net], definitely stopped!
==> /var/log/messages <==
Mar 24 21:53:38 gump root: /usr/local/etc/rc.d/sssd: WARNING: failed to start sssd
Mar 24 21:53:38 gump kernel: pid 10289 (sssd_be), uid 0: exited on signal 11 (core dumped)
```
My sssd.conf is:

```
[sssd]
services = nss, pam
config_file_version = 2
domains = ad.smurf.net
default_domain_suffix = ad.smurf.net

[nss]

[pam]

[domain/ad.smurf.net]
debug_level = 4

enumerate = true
cache_credentials = true
ldap_id_mapping = false
ldap_schema = ad
id_provider = ad
auth_provider = ad
access_provider = ad
chpass_provider = ad

default_shell = /usr/local/bin/bash
fallback_homedir = /home/%u
```


----------



## AvAToR (Sep 1, 2015)

Hi.
1 `portmaster -o net/openldap24-sasl-client net/openldap24-client`
2 `portmaster -fr sssd`
3 `ldapwhoami`
4 `ldapsearch`


----------

