Comment 5 for bug 1921494

Matthew Ruffell (mruffell) wrote : Re: ad_use_ldaps error could not start tls encryption

Hi Rex,

Looking closer at the logging which you provided when debug_level = 4, the important part is:

[sss_ldap_init_sys_connect_done] (0x0020): ldap_install_tls failed: [Connect error] [(unknown error code)]

This looks very similar to this upstream bug report:
https://github.com/SSSD/sssd/issues/5531

In which case, I believe the below commit should fix the issue:

commit da55e3e69707de416b7949d08c165c950090bbb6
From: Iker Pedrosa <email address hidden>
Date: Wed, 3 Mar 2021 15:34:49 +0100
Subject: ldap: retry ldap_install_tls() when watchdog interruption
Link: https://github.com/SSSD/sssd/commit/da55e3e69707de416b7949d08c165c950090bbb6

I will make some test packages for Bionic, Focal, Hirsute and Impish. Will you be able to try some test packages? I will also try and reproduce myself, but this looks like an unreliable race condition between the watchdog and ldap_install_tls().

Thanks,
Matthew