With openldap-2.4.28-r1, sssd don't retrieve user's retrieve. I have same output that this bug, fill on red hat bugzilla : https://bugzilla.redhat.com/show_bug.cgi?id=771484 And a downgrade workaround this issue. Step to reproduce : 1. set sssd to search about an ldap for users infos 2. upgrade openldap to 2.4.28-r1 3. logout 4. attempt to login failed. An 'su - <ldapuser>' gave same result. Result: Same output as red hat bug gave above.
*** Bug 405427 has been marked as a duplicate of this bug. ***
This bug required ldap patch, not sssd.
We added blocker for broken openldap versions to sssd. Ldap herd, please fix this and dependent bug.
openldap 2.4.30 stable , please mark as FIXED
Closed per comment #4