Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

2.10.1 sssd.service permission error when accessing /etc/sssd/sssd.conf #7784

Closed
ccrpc-fjunge opened this issue Jan 3, 2025 · 16 comments
Closed

2.10.1 sssd.service permission error when accessing /etc/sssd/sssd.conf #7784

ccrpc-fjunge opened this issue Jan 3, 2025 · 16 comments
Assignees
@alexey-tikhonov

Comments

@ccrpc-fjunge
Copy link

I am running into an issue where my sssd is breaking with version 2.10.1, it seems that the sssd.service no longer has the permissions to access the /etc/sssd/sssd.conf file.

Version 2.10.0 systemctl status sssd.service

● sssd.service - System Security Services Daemon
     Loaded: loaded (/usr/lib/systemd/system/sssd.service; enabled; preset: enabled)
    Drop-In: /usr/lib/systemd/system/service.d
             └─10-timeout-abort.conf, 50-keep-warm.conf
     Active: active (running) since Fri 2025-01-03 10:03:45 CST; 1min 5s ago
Invocation: 6f59d1f3e83f4a318e79c34ffa4d9609
    Process: 1520 ExecStartPre=/bin/chown -f sssd:sssd /etc/sssd (code=exited, status=0/SUCCESS)
    Process: 1574 ExecStartPre=/bin/chown -f sssd:sssd /etc/sssd/sssd.conf (code=exited, status=0/SUCCESS)
    Process: 1584 ExecStartPre=/bin/chown -f -R sssd:sssd /etc/sssd/conf.d (code=exited, status=0/SUCCESS)
    Process: 1588 ExecStartPre=/bin/chown -f -R sssd:sssd /etc/sssd/pki (code=exited, status=0/SUCCESS)
    Process: 1591 ExecStartPre=/bin/sh -c /bin/chown -f sssd:sssd /var/lib/sss/db/*.ldb (code=exited, status=0/SUCCESS)
    Process: 1593 ExecStartPre=/bin/sh -c /bin/chown -f sssd:sssd /var/lib/sss/gpo_cache/* (code=exited, status=0/SUCCESS)
    Process: 1599 ExecStartPre=/bin/sh -c /bin/chown -f sssd:sssd /var/log/sssd/*.log (code=exited, status=0/SUCCESS)
   Main PID: 1601 (sssd)
      Tasks: 5 (limit: 42900)
     Memory: 101.5M (peak: 102.1M)
        CPU: 789ms
     CGroup: /system.slice/sssd.service
             ├─1601 /usr/sbin/sssd -i --logger=files
             ├─1667 /usr/libexec/sssd/sssd_be --domain co.champaign.il.us --logger=files
             ├─1688 /usr/libexec/sssd/sssd_nss --logger=files
             ├─1689 /usr/libexec/sssd/sssd_pam --logger=files
             └─1690 /usr/libexec/sssd/sssd_pac --logger=files

Jan 03 10:03:44 bluefin systemd[1]: Starting sssd.service - System Security Services Daemon...
Jan 03 10:03:45 bluefin sssd[1601]: Starting up
Jan 03 10:03:45 bluefin sssd_be[1667]: Starting up
Jan 03 10:03:45 bluefin sssd_nss[1688]: Starting up
Jan 03 10:03:45 bluefin sssd_pac[1690]: Starting up

Version 2.10.1 systemctl status sssd.service

× sssd.service - System Security Services Daemon
     Loaded: loaded (/usr/lib/systemd/system/sssd.service; enabled; preset: enabled)
    Drop-In: /usr/lib/systemd/system/service.d
             └─10-timeout-abort.conf, 50-keep-warm.conf
     Active: failed (Result: exit-code) since Fri 2025-01-03 09:52:16 CST; 9s ago
Invocation: 592e7fd757164c1bad5e5644ac3e2e1f
    Process: 6932 ExecStartPre=/bin/chown -f -R root:sssd /etc/sssd (code=exited, status=0/SUCCESS)
    Process: 6934 ExecStartPre=/bin/chmod -f -R g+r /etc/sssd (code=exited, status=0/SUCCESS)
    Process: 6936 ExecStartPre=/bin/sh -c /bin/chown -f sssd:sssd /var/lib/sss/db/*.ldb (code=exited, status=0/SUCCESS)
    Process: 6938 ExecStartPre=/bin/chown -f -R sssd:sssd /var/lib/sss/gpo_cache (code=exited, status=0/SUCCESS)
    Process: 6941 ExecStartPre=/bin/sh -c /bin/chown -f sssd:sssd /var/log/sssd/*.log (code=exited, status=0/SUCCESS)
    Process: 6944 ExecStart=/usr/sbin/sssd -i ${DEBUG_LOGGER} (code=exited, status=3)
   Main PID: 6944 (code=exited, status=3)
   Mem peak: 1.5M
        CPU: 28ms

Jan 03 09:52:16 bluefin systemd[1]: Starting sssd.service - System Security Services Daemon...
Jan 03 09:52:16 bluefin sssd[6944]: [sssd] [sss_ini_open] (0x0100): sss_ini_config_file_open() failed [13]: Permission denied
Jan 03 09:52:16 bluefin sssd[6944]: [sssd] [sss_ini_read_sssd_conf] (0x0020): sss_ini_open() on '/etc/sssd/sssd.conf' failed [13]: Permission denied
Jan 03 09:52:16 bluefin sssd[6944]: Can't read config: 'Failed to open main config file'
Jan 03 09:52:16 bluefin sssd[6944]: Failed to read configuration: 'Failed to open main config file'
Jan 03 09:52:16 bluefin sssd[6944]: Make sure configuration is readable by the user used to run service and doesn't have public rwx bits set.
Jan 03 09:52:16 bluefin systemd[1]: sssd.service: Main process exited, code=exited, status=3/NOTIMPLEMENTED
Jan 03 09:52:16 bluefin systemd[1]: sssd.service: Failed with result 'exit-code'.
Jan 03 09:52:16 bluefin systemd[1]: Failed to start sssd.service - System Security Services Daemon.

Both the sssd.conf and sssd.service files are regular files, nothing going on with sym links or the like (this is on 2.10.0, hence sssd.conf is not group readable):

❯ sudo ls -la /etc/sssd
total 4
drwx------. 1 sssd sssd   36 27. Dez 16:14 .
drwxr-xr-x. 1 root root 5096 30. Dez 08:16 ..
drwxr-x---. 1 sssd sssd    0 27. Dez 08:29 conf.d
drwxr-x---. 1 sssd sssd    0 27. Dez 08:29 pki
-rw-------. 1 sssd sssd  500  6. Nov 11:55 sssd.conf

❯ sudo ls -la /usr/lib/systemd/system/sssd.service
-rw-r--r--. 2 root root 1243 31. Dez 1969  /usr/lib/systemd/system/sssd.service

If it helps, I am running BluefinDX which is an immutable file system which uses rpm-ostree for updates.

I am unsure why this occurring as the 2.10.1 version of the service sets the file to be group readable and its own group to sssd, but these are the logs.
@ccrpc-fjunge ccrpc-fjunge mentioned this issue Jan 3, 2025
Open
@alexey-tikhonov
Copy link
Member

alexey-tikhonov commented Jan 3, 2025
edited
Loading

If it helps, I am running BluefinDX which is an immutable file system which uses rpm-ostree for updates.

Is g+x bit missing on /etc/sssd? (also see https://bugzilla.redhat.com/show_bug.cgi?id=2334868)

I think it should be fixed via 2nd patch in #7783

@ccrpc-fjunge
Copy link
Author

I updated the permissions on /etc/sssd/sssd.conf to include g+x, so this is what they are now.

❯ sudo ls -la /etc/sssd
total 4
drwxr-x---. 1 root sssd   36 Jan  3 12:53 .
drwxr-xr-x. 1 root root 5096 Jan  3 12:53 ..
drwxr-x---. 1 root sssd    0 Jan  3 12:52 conf.d
drwxr-x---. 1 root sssd    0 Jan  3 12:52 pki
-rw-r-x---. 1 root sssd  500 Nov  6 11:55 sssd.conf

Now sssd throws a different error (progress!):

systemctl status sssd.service now shows

× sssd.service - System Security Services Daemon
     Loaded: loaded (/usr/lib/systemd/system/sssd.service; enabled; preset: enabled)
    Drop-In: /usr/lib/systemd/system/service.d
             └─10-timeout-abort.conf, 50-keep-warm.conf
     Active: failed (Result: exit-code) since Fri 2025-01-03 13:03:43 CST; 3min 37s ago
Invocation: 44a67884c86d48aca43db918c24ea96c
    Process: 1520 ExecStartPre=/bin/chown -f -R root:sssd /etc/sssd (code=exited, status=0/SUCCESS)
    Process: 1574 ExecStartPre=/bin/chmod -f -R g+r /etc/sssd (code=exited, status=0/SUCCESS)
    Process: 1584 ExecStartPre=/bin/sh -c /bin/chown -f sssd:sssd /var/lib/sss/db/*.ldb (code=exited, status=0/SUCCESS)
    Process: 1594 ExecStartPre=/bin/chown -f -R sssd:sssd /var/lib/sss/gpo_cache (code=exited, status=0/SUCCESS)
    Process: 1602 ExecStartPre=/bin/sh -c /bin/chown -f sssd:sssd /var/log/sssd/*.log (code=exited, status=0/SUCCESS)
    Process: 1614 ExecStart=/usr/sbin/sssd -i ${DEBUG_LOGGER} (code=exited, status=1/FAILURE)
   Main PID: 1614 (code=exited, status=1/FAILURE)
   Mem peak: 49.5M
        CPU: 471ms

Jan 03 13:03:36 bluefin systemd[1]: Starting sssd.service - System Security Services Daemon...
Jan 03 13:03:37 bluefin sssd[1614]: Starting up
Jan 03 13:03:37 bluefin sssd_be[1661]: Starting up
Jan 03 13:03:37 bluefin sssd_be[1684]: Starting up
Jan 03 13:03:39 bluefin sssd_be[1934]: Starting up
Jan 03 13:03:43 bluefin sssd_be[1982]: Starting up
Jan 03 13:03:43 bluefin sssd[1614]: Exiting the SSSD. Could not restart critical service [co.champaign.il.us].
Jan 03 13:03:43 bluefin systemd[1]: sssd.service: Main process exited, code=exited, status=1/FAILURE
Jan 03 13:03:43 bluefin systemd[1]: sssd.service: Failed with result 'exit-code'.
Jan 03 13:03:43 bluefin systemd[1]: Failed to start sssd.service - System Security Services Daemon.

Now that sssd has gotten passed being unable to read the main config file, the logs in /var/log/sssd/sssd.log are updated.

These now report the following:

[sssd] [main] (0x3f7c0): Started under uid=995 (euid=995) : gid=993 (egid=993) with SECBIT_KEEP_CAPS = 0 and following capabilities:
   (nothing)
[sssd] [sss_ini_call_validators] (0x0020): [rule/allowed_sssd_options]: Attribute 'config_file_version' is not allowed in section 'sssd'. Check for typos.
(2025-01-03 13:18:23): [sssd] [server_setup] (0x3f7c0): Starting with debug level = 0x0070
(2025-01-03 13:18:23): [sssd] [server_loop] (0x3f7c0): Entering main loop under uid=995 (euid=995) : gid=993 (egid=993) with SECBIT_KEEP_CAPS = 0 and following capabilities:
   (nothing)
(2025-01-03 13:18:23): [sssd] [svc_child_info] (0x0040): Child [1667] ('co.champaign.il.us':'%BE_co.champaign.il.us') exited with code [3]
********************** PREVIOUS MESSAGE WAS TRIGGERED BY THE FOLLOWING BACKTRACE:
   *  [sssd] [sss_ini_call_validators] (0x0020): [rule/allowed_sssd_options]: Attribute 'config_file_version' is not allowed in section 'sssd'. Check for typos.
   *  [sssd] [check_file] (0x0400): lstat for '/run/sssd/sssd.pid' failed: [2][No such file or directory].
   *  [sssd] [check_file] (0x0400): lstat for '/var/run/nscd/socket' failed: [2][No such file or directory].
   *  [sssd] [confdb_populate] (0x0100): LDIF file to import: 
dn: cn=sssd,cn=config
cn: sssd
domains: co.champaign.il.us
config_file_version: 2
services: nss, pam

dn: cn=co.champaign.il.us,cn=domain,cn=config
cn: co.champaign.il.us
default_shell: /bin/bash
krb5_store_password_if_offline: True
cache_credentials: True
krb5_realm: CO.CHAMPAIGN.IL.US
realmd_tags: manages-system joined-with-adcli
id_provider: ad
fallback_homedir: /home/%u@%d
ad_domain: co.champaign.il.us
use_fully_qualified_names: True
ldap_id_mapping: True
access_provider: simple
ad_gpo_ignore_unreadable: True
simple_allow_users: fj44404


   *  [sssd] [ldb] (0x0400): server_sort:Unable to register control with rootdse!
   *  (2025-01-03 13:18:23): [sssd] [server_setup] (0x0400): CONFDB: /var/lib/sss/db/config.ldb
   *  (2025-01-03 13:18:23): [sssd] [confdb_expand_app_domains] (0x2000): co.champaign.il.us is not an app domain
   *  (2025-01-03 13:18:23): [sssd] [confdb_init_domain_provider_and_enum] (0x0400): No enumeration for [co.champaign.il.us]
   *  (2025-01-03 13:18:23): [sssd] [confdb_init_domain_pwd_expire] (0x1000): pwd_expiration_warning is -1
   *  (2025-01-03 13:18:23): [sssd] [sss_names_init_from_args] (0x0100): Using re [^(((?P<domain>[^\\]+)\\(?P<name>.+))|((?P<name>.+)@(?P<domain>[^@]+))|((?P<name>[^@\\]+)))$].
   *  (2025-01-03 13:18:23): [sssd] [sss_fqnames_init] (0x0100): Using fq format [%1$s@%2$s].
   *  (2025-01-03 13:18:23): [sssd] [sysdb_domain_init_internal] (0x0200): DB File for co.champaign.il.us: /var/lib/sss/db/cache_co.champaign.il.us.ldb
   *  (2025-01-03 13:18:23): [sssd] [sysdb_domain_init_internal] (0x0200): Timestamp file for co.champaign.il.us: /var/lib/sss/db/timestamps_co.champaign.il.us.ldb
   *  (2025-01-03 13:18:23): [sssd] [sysdb_ldb_connect] (0x4000): No ldb module path set in env
   *  (2025-01-03 13:18:23): [sssd] [ldb] (0x0400): asq: Unable to register control with rootdse!
   *  (2025-01-03 13:18:23): [sssd] [sysdb_ldb_connect] (0x4000): No ldb module path set in env
   *  (2025-01-03 13:18:23): [sssd] [sbus_server_socket_listen] (0x0400): D-BUS Server listening on unix:path=/var/lib/sss/pipes/private/sbus-master,guid=6b250c83e952edccaddbad8f677837ff
   *  (2025-01-03 13:18:23): [sssd] [sbus_router_add_path] (0x0400): Registering interface org.freedesktop.DBus.Introspectable on path /
   *  (2025-01-03 13:18:23): [sssd] [sbus_router_add_path] (0x0400): Registering interface org.freedesktop.DBus.Introspectable on path /*
   *  (2025-01-03 13:18:23): [sssd] [sbus_router_add_path] (0x0400): Registering interface org.freedesktop.DBus.Properties on path /
   *  (2025-01-03 13:18:23): [sssd] [sbus_router_add_path] (0x0400): Registering interface org.freedesktop.DBus.Properties on path /*
   *  (2025-01-03 13:18:23): [sssd] [sbus_router_add_path] (0x0400): Registering interface org.freedesktop.DBus on path /org/freedesktop/DBus
   *  (2025-01-03 13:18:23): [sssd] [sbus_watch_add] (0x2000): Created a enabled R/- watch on 11
   *  (2025-01-03 13:18:23): [sssd] [sbus_router_add_path] (0x0400): Registering interface org.freedesktop.DBus.Introspectable on path /
   *  (2025-01-03 13:18:23): [sssd] [sbus_router_add_path] (0x0400): Registering interface org.freedesktop.DBus.Introspectable on path /*
   *  (2025-01-03 13:18:23): [sssd] [sbus_router_add_path] (0x0400): Registering interface org.freedesktop.DBus.Properties on path /
   *  (2025-01-03 13:18:23): [sssd] [sbus_router_add_path] (0x0400): Registering interface org.freedesktop.DBus.Properties on path /*
   *  (2025-01-03 13:18:23): [sssd] [sbus_watch_add] (0x2000): Created a enabled -/W watch on 12
   *  (2025-01-03 13:18:23): [sssd] [sbus_watch_toggle] (0x4000): Toggle to disabled R/- watch on 12
   *  (2025-01-03 13:18:23): [sssd] [sbus_watch_toggle] (0x4000): Toggle to enabled R/- watch on 12
   *  (2025-01-03 13:18:23): [sssd] [sbus_watch_toggle] (0x4000): Toggle to disabled -/W watch on 12
   *  (2025-01-03 13:18:23): [sssd] [sbus_server_new_connection] (0x0200): New dbus connection 0x563cf9d36ed0.
   *  (2025-01-03 13:18:23): [sssd] [sbus_router_add_path] (0x0400): Registering interface org.freedesktop.DBus.Introspectable on path /
   *  (2025-01-03 13:18:23): [sssd] [sbus_router_add_path] (0x0400): Registering interface org.freedesktop.DBus.Introspectable on path /*
   *  (2025-01-03 13:18:23): [sssd] [sbus_router_add_path] (0x0400): Registering interface org.freedesktop.DBus.Properties on path /
   *  (2025-01-03 13:18:23): [sssd] [sbus_router_add_path] (0x0400): Registering interface org.freedesktop.DBus.Properties on path /*
   *  (2025-01-03 13:18:23): [sssd] [sbus_watch_add] (0x2000): Created a disabled -/W watch on 13
   *  (2025-01-03 13:18:23): [sssd] [sbus_watch_toggle] (0x4000): Toggle to enabled R/- watch on 13
   *  (2025-01-03 13:18:23): [sssd] [sbus_server_new_connection] (0x0200): Adding sbus connection 0x563cf9d69f90.
   *  (2025-01-03 13:18:23): [sssd] [sbus_watch_toggle] (0x4000): Toggle to disabled R/- watch on 13
   *  (2025-01-03 13:18:23): [sssd] [sbus_watch_toggle] (0x4000): Toggle to enabled -/W watch on 13
   *  (2025-01-03 13:18:23): [sssd] [sbus_watch_toggle] (0x4000): Toggle to enabled R/- watch on 13
   *  (2025-01-03 13:18:23): [sssd] [sbus_watch_toggle] (0x4000): Toggle to disabled -/W watch on 13
   *  (2025-01-03 13:18:23): [sssd] [sbus_watch_toggle] (0x4000): Toggle to disabled R/- watch on 12
   *  (2025-01-03 13:18:23): [sssd] [sbus_watch_toggle] (0x4000): Toggle to enabled -/W watch on 12
   *  (2025-01-03 13:18:23): [sssd] [sbus_watch_toggle] (0x4000): Toggle to enabled R/- watch on 12
   *  (2025-01-03 13:18:23): [sssd] [sbus_watch_toggle] (0x4000): Toggle to disabled -/W watch on 12
   *  (2025-01-03 13:18:23): [sssd] [sbus_watch_toggle] (0x4000): Toggle to disabled R/- watch on 13
   *  (2025-01-03 13:18:23): [sssd] [sbus_watch_toggle] (0x4000): Toggle to enabled -/W watch on 13
   *  (2025-01-03 13:18:23): [sssd] [sbus_watch_toggle] (0x4000): Toggle to enabled R/- watch on 13
   *  (2025-01-03 13:18:23): [sssd] [sbus_watch_toggle] (0x4000): Toggle to disabled -/W watch on 13
   *  (2025-01-03 13:18:23): [sssd] [sbus_watch_toggle] (0x4000): Toggle to disabled R/- watch on 12
   *  (2025-01-03 13:18:23): [sssd] [sbus_watch_toggle] (0x4000): Toggle to enabled -/W watch on 12
   *  (2025-01-03 13:18:23): [sssd] [sbus_watch_toggle] (0x4000): Toggle to enabled R/- watch on 12
   *  (2025-01-03 13:18:23): [sssd] [sbus_watch_toggle] (0x4000): Toggle to disabled -/W watch on 12
   *  (2025-01-03 13:18:23): [sssd] [sbus_dispatch] (0x4000): Dispatching.
   *  (2025-01-03 13:18:23): [sssd] [sbus_method_handler] (0x2000): Received D-Bus method org.freedesktop.DBus.Hello on /org/freedesktop/DBus from :not.active.yet
   *  (2025-01-03 13:18:23): [sssd] [sbus_server_bus_hello] (0x4000): Assigning unique name :1.1 to connection 0x563cf9d69f90
   *  (2025-01-03 13:18:23): [sssd] [sbus_issue_request_done] (0x0400): org.freedesktop.DBus.Hello on /org/freedesktop/DBus from :not.active.yet: Success
   *  (2025-01-03 13:18:23): [sssd] [sbus_dispatch] (0x4000): Dispatching.
   *  (2025-01-03 13:18:23): [sssd] [sbus_signal_handler] (0x2000): Received D-Bus signal org.freedesktop.DBus.NameAcquired on /org/freedesktop/DBus from org.freedesktop.DBus
   *  (2025-01-03 13:18:23): [sssd] [sbus_signal_handler] (0x0200): We do not listen to this signal!
   *  (2025-01-03 13:18:23): [sssd] [sbus_dispatch] (0x4000): Dispatching.
   *  (2025-01-03 13:18:23): [sssd] [sbus_dispatch] (0x4000): Dispatching.
   *  (2025-01-03 13:18:23): [sssd] [sbus_method_handler] (0x2000): Received D-Bus method org.freedesktop.DBus.RequestName on /org/freedesktop/DBus from :1.1
   *  (2025-01-03 13:18:23): [sssd] [sbus_server_bus_request_name] (0x0400): Requesting name: sssd.monitor
   *  (2025-01-03 13:18:23): [sssd] [sbus_issue_request_done] (0x0400): org.freedesktop.DBus.RequestName on /org/freedesktop/DBus from :1.1: Success
   *  (2025-01-03 13:18:23): [sssd] [sbus_dispatch] (0x4000): Dispatching.
   *  (2025-01-03 13:18:23): [sssd] [sbus_signal_handler] (0x2000): Received D-Bus signal org.freedesktop.DBus.NameAcquired on /org/freedesktop/DBus from org.freedesktop.DBus
   *  (2025-01-03 13:18:23): [sssd] [sbus_signal_handler] (0x0200): We do not listen to this signal!
   *  (2025-01-03 13:18:23): [sssd] [sbus_dispatch] (0x4000): Dispatching.
   *  (2025-01-03 13:18:23): [sssd] [sbus_router_listen] (0x0400): Registering signal listener org.freedesktop.DBus.NameOwnerChanged on path /org/freedesktop/DBus
   *  (2025-01-03 13:18:23): [sssd] [sbus_router_listen] (0x0400): Registering signal listener org.freedesktop.DBus.NameAcquired on path /org/freedesktop/DBus
   *  (2025-01-03 13:18:23): [sssd] [sbus_connect_private_done] (0x0400): Connected to unix:path=/var/lib/sss/pipes/private/sbus-master bus as sssd.monitor
   *  (2025-01-03 13:18:23): [sssd] [sbus_router_add_path] (0x0400): Registering interface sssd.monitor on path /sssd
   *  (2025-01-03 13:18:23): [sssd] [sbus_router_add_path] (0x0400): Registering interface sssd.service on path /sssd
   *  (2025-01-03 13:18:23): [sssd] [get_provider_config] (0x0100): Formed command '/usr/libexec/sssd/sssd_be --domain co.champaign.il.us --logger=files' for provider '%BE_co.champaign.il.us'
   *  (2025-01-03 13:18:23): [sssd] [start_service] (0x0100): Queueing service co.champaign.il.us for startup
   *  (2025-01-03 13:18:23): [sssd] [sbus_dispatch] (0x4000): Dispatching.
   *  (2025-01-03 13:18:23): [sssd] [sbus_method_handler] (0x2000): Received D-Bus method org.freedesktop.DBus.AddMatch on /org/freedesktop/DBus from sssd.monitor
   *  (2025-01-03 13:18:23): [sssd] [sbus_dispatch] (0x4000): Dispatching.
   *  (2025-01-03 13:18:23): [sssd] [sbus_method_handler] (0x2000): Received D-Bus method org.freedesktop.DBus.AddMatch on /org/freedesktop/DBus from sssd.monitor
   *  (2025-01-03 13:18:23): [sssd] [sbus_match_rule_add] (0x4000): Adding match rule for :1.1: org.freedesktop.DBus.NameOwnerChanged
   *  (2025-01-03 13:18:23): [sssd] [sbus_issue_request_done] (0x0400): org.freedesktop.DBus.AddMatch on /org/freedesktop/DBus from sssd.monitor: Success
   *  (2025-01-03 13:18:23): [sssd] [sbus_match_rule_add] (0x4000): Adding match rule for :1.1: org.freedesktop.DBus.NameAcquired
   *  (2025-01-03 13:18:23): [sssd] [sbus_issue_request_done] (0x0400): org.freedesktop.DBus.AddMatch on /org/freedesktop/DBus from sssd.monitor: Success
   *  (2025-01-03 13:18:23): [sssd] [sbus_dispatch] (0x4000): Dispatching.
   *  (2025-01-03 13:18:23): [sssd] [sbus_dispatch] (0x4000): Dispatching.
   *  (2025-01-03 13:18:23): [sssd] [sbus_server_new_connection] (0x0200): New dbus connection 0x563cf9deaeb0.
   *  (2025-01-03 13:18:23): [sssd] [sbus_router_add_path] (0x0400): Registering interface org.freedesktop.DBus.Introspectable on path /
   *  (2025-01-03 13:18:23): [sssd] [sbus_router_add_path] (0x0400): Registering interface org.freedesktop.DBus.Introspectable on path /*
   *  (2025-01-03 13:18:23): [sssd] [sbus_router_add_path] (0x0400): Registering interface org.freedesktop.DBus.Properties on path /
   *  (2025-01-03 13:18:23): [sssd] [sbus_router_add_path] (0x0400): Registering interface org.freedesktop.DBus.Properties on path /*
   *  (2025-01-03 13:18:23): [sssd] [sbus_watch_add] (0x2000): Created a disabled -/W watch on 14
   *  (2025-01-03 13:18:23): [sssd] [sbus_watch_toggle] (0x4000): Toggle to enabled R/- watch on 14
   *  (2025-01-03 13:18:23): [sssd] [sbus_server_new_connection] (0x0200): Adding sbus connection 0x563cf9d67fe0.
   *  (2025-01-03 13:18:23): [sssd] [sbus_watch_toggle] (0x4000): Toggle to disabled R/- watch on 14
   *  (2025-01-03 13:18:23): [sssd] [sbus_watch_toggle] (0x4000): Toggle to enabled -/W watch on 14
   *  (2025-01-03 13:18:23): [sssd] [sbus_watch_toggle] (0x4000): Toggle to enabled R/- watch on 14
   *  (2025-01-03 13:18:23): [sssd] [sbus_watch_toggle] (0x4000): Toggle to disabled -/W watch on 14
   *  (2025-01-03 13:18:23): [sssd] [sbus_watch_toggle] (0x4000): Toggle to disabled R/- watch on 14
   *  (2025-01-03 13:18:23): [sssd] [sbus_watch_toggle] (0x4000): Toggle to enabled -/W watch on 14
   *  (2025-01-03 13:18:23): [sssd] [sbus_watch_toggle] (0x4000): Toggle to enabled R/- watch on 14
   *  (2025-01-03 13:18:23): [sssd] [sbus_watch_toggle] (0x4000): Toggle to disabled -/W watch on 14
   *  (2025-01-03 13:18:23): [sssd] [sbus_dispatch] (0x4000): Dispatching.
   *  (2025-01-03 13:18:23): [sssd] [sbus_method_handler] (0x2000): Received D-Bus method org.freedesktop.DBus.Hello on /org/freedesktop/DBus from :not.active.yet
   *  (2025-01-03 13:18:23): [sssd] [sbus_server_bus_hello] (0x4000): Assigning unique name :1.2 to connection 0x563cf9d67fe0
   *  (2025-01-03 13:18:23): [sssd] [sbus_issue_request_done] (0x0400): org.freedesktop.DBus.Hello on /org/freedesktop/DBus from :not.active.yet: Success
   *  (2025-01-03 13:18:23): [sssd] [sbus_dispatch] (0x4000): Dispatching.
   *  (2025-01-03 13:18:23): [sssd] [sbus_signal_handler] (0x2000): Received D-Bus signal org.freedesktop.DBus.NameOwnerChanged on /org/freedesktop/DBus from org.freedesktop.DBus
   *  (2025-01-03 13:18:23): [sssd] [sbus_name_owner_changed] (0x4000): Name of owner :1.2 has changed from [] to [:1.2]
   *  (2025-01-03 13:18:23): [sssd] [sbus_issue_request_done] (0x0400): org.freedesktop.DBus.NameOwnerChanged on /org/freedesktop/DBus from org.freedesktop.DBus: Success
   *  (2025-01-03 13:18:23): [sssd] [sbus_dispatch] (0x4000): Dispatching.
   *  (2025-01-03 13:18:23): [sssd] [sbus_method_handler] (0x2000): Received D-Bus method org.freedesktop.DBus.RequestName on /org/freedesktop/DBus from :1.2
   *  (2025-01-03 13:18:23): [sssd] [sbus_server_bus_request_name] (0x0400): Requesting name: sssd.domain_co_2echampaign_2eil_2eus
   *  (2025-01-03 13:18:23): [sssd] [sbus_issue_request_done] (0x0400): org.freedesktop.DBus.RequestName on /org/freedesktop/DBus from :1.2: Success
   *  (2025-01-03 13:18:23): [sssd] [sbus_dispatch] (0x4000): Dispatching.
   *  (2025-01-03 13:18:23): [sssd] [sbus_signal_handler] (0x2000): Received D-Bus signal org.freedesktop.DBus.NameOwnerChanged on /org/freedesktop/DBus from org.freedesktop.DBus
   *  (2025-01-03 13:18:23): [sssd] [sbus_name_owner_changed] (0x4000): Name of owner sssd.domain_co_2echampaign_2eil_2eus has changed from [] to [sssd.domain_co_2echampaign_2eil_2eus]
   *  (2025-01-03 13:18:23): [sssd] [sbus_issue_request_done] (0x0400): org.freedesktop.DBus.NameOwnerChanged on /org/freedesktop/DBus from org.freedesktop.DBus: Success
   *  (2025-01-03 13:18:23): [sssd] [sbus_dispatch] (0x4000): Dispatching.
   *  (2025-01-03 13:18:23): [sssd] [sbus_method_handler] (0x2000): Received D-Bus method org.freedesktop.DBus.AddMatch on /org/freedesktop/DBus from sssd.domain_co_2echampaign_2eil_2eus
   *  (2025-01-03 13:18:23): [sssd] [sbus_dispatch] (0x4000): Dispatching.
   *  (2025-01-03 13:18:23): [sssd] [sbus_method_handler] (0x2000): Received D-Bus method org.freedesktop.DBus.AddMatch on /org/freedesktop/DBus from sssd.domain_co_2echampaign_2eil_2eus
   *  (2025-01-03 13:18:23): [sssd] [sbus_match_rule_add] (0x4000): Adding match rule for :1.2: org.freedesktop.DBus.NameOwnerChanged
   *  (2025-01-03 13:18:23): [sssd] [sbus_issue_request_done] (0x0400): org.freedesktop.DBus.AddMatch on /org/freedesktop/DBus from sssd.domain_co_2echampaign_2eil_2eus: Success
   *  (2025-01-03 13:18:23): [sssd] [sbus_match_rule_add] (0x4000): Adding match rule for :1.2: org.freedesktop.DBus.NameAcquired
   *  (2025-01-03 13:18:23): [sssd] [sbus_issue_request_done] (0x0400): org.freedesktop.DBus.AddMatch on /org/freedesktop/DBus from sssd.domain_co_2echampaign_2eil_2eus: Success
   *  (2025-01-03 13:18:23): [sssd] [sbus_dispatch_reconnect] (0x0400): Connection lost. Terminating active requests.
   *  (2025-01-03 13:18:23): [sssd] [sbus_dispatch_reconnect] (0x4000): Remote client terminated the connection. Releasing data...
   *  (2025-01-03 13:18:23): [sssd] [sbus_connection_free] (0x4000): Connection 0x563cf9d67fe0 will be freed during next loop!
   *  (2025-01-03 13:18:23): [sssd] [sbus_connection_free_handler] (0x0400): Releasing connection 0x563cf9d67fe0
   *  (2025-01-03 13:18:23): [sssd] [sbus_dispatch] (0x4000): Dispatching.
   *  (2025-01-03 13:18:23): [sssd] [sbus_signal_handler] (0x2000): Received D-Bus signal org.freedesktop.DBus.NameOwnerChanged on /org/freedesktop/DBus from org.freedesktop.DBus
   *  (2025-01-03 13:18:23): [sssd] [sss_child_handler] (0x2000): waitpid failed [10]: No child processes
   *  (2025-01-03 13:18:23): [sssd] [mt_svc_exit_handler] (0x1000): SIGCHLD handler of service co.champaign.il.us called
   *  (2025-01-03 13:18:23): [sssd] [svc_child_info] (0x0040): Child [1667] ('co.champaign.il.us':'%BE_co.champaign.il.us') exited with code [3]
********************** BACKTRACE DUMP ENDS HERE *********************************

(2025-01-03 13:18:23): [sssd] [svc_child_info] (0x0040): Child [1690] ('co.champaign.il.us':'%BE_co.champaign.il.us') exited with code [3]
   *  ... skipping repetitive backtrace ...
(2025-01-03 13:18:25): [sssd] [svc_child_info] (0x0040): Child [1930] ('co.champaign.il.us':'%BE_co.champaign.il.us') exited with code [3]
   *  ... skipping repetitive backtrace ...
(2025-01-03 13:18:29): [sssd] [svc_child_info] (0x0040): Child [1978] ('co.champaign.il.us':'%BE_co.champaign.il.us') exited with code [3]
   *  ... skipping repetitive backtrace ...
(2025-01-03 13:18:29): [sssd] [monitor_restart_service] (0x0010): Process [co.champaign.il.us], definitely stopped!
(2025-01-03 13:18:29): [sssd] [monitor_quit] (0x3f7c0): Returned with: 1
(2025-01-03 13:18:29): [sssd] [monitor_cleanup] (0x0010): Error removing pidfile! (2 [No such file or directory])
********************** PREVIOUS MESSAGE WAS TRIGGERED BY THE FOLLOWING BACKTRACE:
   *  (2025-01-03 13:18:29): [sssd] [monitor_restart_service] (0x0010): Process [co.champaign.il.us], definitely stopped!
   *  (2025-01-03 13:18:29): [sssd] [monitor_cleanup] (0x0010): Error removing pidfile! (2 [No such file or directory])
********************** BACKTRACE DUMP ENDS HERE *********************************

I do not have much experience with sssd, but at a glance I would guess the cause has something to do with the following lines:

   *  [sssd] [sss_ini_call_validators] (0x0020): [rule/allowed_sssd_options]: Attribute 'config_file_version' is not allowed in section 'sssd'. Check for typos.
   *  [sssd] [check_file] (0x0400): lstat for '/run/sssd/sssd.pid' failed: [2][No such file or directory].
   *  [sssd] [check_file] (0x0400): lstat for '/var/run/nscd/socket' failed: [2][No such file or directory].
   
[...]

   *  [sssd] [ldb] (0x0400): server_sort:Unable to register control with rootdse!

Could those "No such file or directory" errors be due to permission conflicts as well?
Were there any breaking changes to /etc/sssd/sssd.conf between versions 2.10.0 and 2.10.1?

@alexey-tikhonov
Copy link
Member

Jan 03 13:03:43 bluefin sssd[1614]: Exiting the SSSD. Could not restart critical service [co.champaign.il.us].

Look for the reason in /var/log/sssd/sssd_co.champaign.il.us.log

@alexey-tikhonov alexey-tikhonov self-assigned this Jan 7, 2025
@ccrpc-fjunge
Copy link
Author

ccrpc-fjunge commented Jan 7, 2025
edited
Loading

Looking at /var/log/sssd/sssd_co.champaign.il.us.log (and I will paste the full log below) one re-occurring error appears to be "Failed to get principal from keytab".

*  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_select_principal_from_keytab_sync] (0x0020): Failed to get principal from keytab (sss_atomic_read_s() failed), see ldap_child.log (pid = 1677) for details.

(unfortunately /var/log/sssd/ldap_child.log is empty)

Another is trouble with the ad module:

(2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_target_init] (0x0010): Unable to load module ad
(2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_load_targets] (0x0020): Unable to load target [id] [80]: Accessing a corrupted shared library.

Is it possible that version 2.10.1 fails to load some cached values from 2.10.0? Did something change structurally in the way the keytab works? Or could this be another permission error?

/var/log/sssd/sssd_co.champaign.il.us.log from the most recent boot (after adding g+x to sssd):

(2025-01-07 10:31:36): [be[co.champaign.il.us]] [server_setup] (0x3f7c0): Starting with debug level = 0x0070
(2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_select_principal_from_keytab_sync] (0x0020): Failed to get principal from keytab (sss_atomic_read_s() failed), see ldap_child.log (pid = 1677) for details.
********************** PREVIOUS MESSAGE WAS TRIGGERED BY THE FOLLOWING BACKTRACE:
   *  [be[co.champaign.il.us]] [ldb] (0x0400): server_sort:Unable to register control with rootdse!
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [server_setup] (0x0400): CONFDB: /var/lib/sss/db/config.ldb
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option lookup_family_order has value ipv4_first
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option dns_resolver_timeout has value 6
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option dns_resolver_op_timeout has value 3
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option dns_resolver_server_timeout has value 1000
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option dns_resolver_use_search_list is TRUE
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option dns_discovery_domain has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option failover_primary_timeout has value 31
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [be_res_get_opts] (0x0100): Lookup order: ipv4_first
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [recreate_ares_channel] (0x0100): Initializing new c-ares channel
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [fo_context_init] (0x0400): Created new fail over context, retry timeout is 30
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [confdb_init_domain_provider_and_enum] (0x0400): No enumeration for [co.champaign.il.us]
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [confdb_init_domain_pwd_expire] (0x1000): pwd_expiration_warning is -1
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sysdb_domain_init_internal] (0x0200): DB File for co.champaign.il.us: /var/lib/sss/db/cache_co.champaign.il.us.ldb
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sysdb_domain_init_internal] (0x0200): Timestamp file for co.champaign.il.us: /var/lib/sss/db/timestamps_co.champaign.il.us.ldb
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sysdb_ldb_connect] (0x4000): No ldb module path set in env
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [ldb] (0x0400): asq: Unable to register control with rootdse!
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sysdb_ldb_connect] (0x4000): No ldb module path set in env
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sss_domain_get_state] (0x1000): Domain co.champaign.il.us is Active
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sss_names_init_from_args] (0x0100): Using re [^(((?P<domain>[^\\]+)\\(?P<name>.+))|((?P<name>.+)@(?P<domain>[^@]+))|((?P<name>[^@\\]+)))$].
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sss_fqnames_init] (0x0100): Using fq format [%1$s@%2$s].
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sbus_dbus_connect_address] (0x0400): Connected to unix:path=/var/lib/sss/pipes/private/sbus-master bus as sssd.domain_co_2echampaign_2eil_2eus
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sbus_router_add_path] (0x0400): Registering interface org.freedesktop.DBus.Introspectable on path /
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sbus_router_add_path] (0x0400): Registering interface org.freedesktop.DBus.Introspectable on path /*
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sbus_router_add_path] (0x0400): Registering interface org.freedesktop.DBus.Properties on path /
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sbus_router_add_path] (0x0400): Registering interface org.freedesktop.DBus.Properties on path /*
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sbus_watch_add] (0x2000): Created a disabled -/W watch on 15
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sbus_watch_toggle] (0x4000): Toggle to enabled R/- watch on 15
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sbus_router_listen] (0x0400): Registering signal listener org.freedesktop.DBus.NameOwnerChanged on path /org/freedesktop/DBus
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sbus_router_listen] (0x0400): Registering signal listener org.freedesktop.DBus.NameAcquired on path /org/freedesktop/DBus
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_load_configuration] (0x0100): Using [ad] provider for [id]
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_load_configuration] (0x0100): Using [ad] provider for [auth]
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_load_configuration] (0x0100): Using [simple] provider for [access]
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_load_configuration] (0x0100): Using [ad] provider for [chpass]
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_load_configuration] (0x0100): Using [ad] provider for [sudo]
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_load_configuration] (0x0100): Using [ad] provider for [autofs]
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_load_configuration] (0x0100): Using [ad] provider for [selinux]
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_load_configuration] (0x0100): Using [ad] provider for [hostid]
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_load_configuration] (0x0100): Using [ad] provider for [subdomains]
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_load_configuration] (0x0100): Using [ad] provider for [session]
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_load_configuration] (0x0100): Using [ad] provider for [resolver]
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_target_init] (0x0400): Initializing target [id] with module [ad]
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_load_module] (0x0400): About to load module [ad].
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_module_open_lib] (0x1000): Loading module [ad] with path [/usr/lib64/sssd/libsss_ad.so]
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_module_run_constructor] (0x0400): Executing module [ad] constructor.
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_domain has value co.champaign.il.us
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_enabled_domains has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_server has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_backup_server has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_hostname has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option krb5_keytab has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option krb5_realm has value CO.CHAMPAIGN.IL.US
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_enable_dns_sites is TRUE
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_access_filter has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_enable_gc is TRUE
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_gpo_access_control has value enforcing
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_gpo_implicit_deny is FALSE
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_gpo_ignore_unreadable is TRUE
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_gpo_cache_timeout has value 5
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_gpo_map_interactive has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_gpo_map_remote_interactive has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_gpo_map_network has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_gpo_map_batch has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_gpo_map_service has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_gpo_map_permit has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_gpo_map_deny has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_gpo_default_right has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_site has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option krb5_confd_path has value /var/lib/sss/pubconf/krb5.include.d
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_maximum_machine_account_password_age has value 30
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_machine_account_password_renewal_opts has value 86400:750:300
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_update_samba_machine_account_password is FALSE
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_use_ldaps is FALSE
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [ad_get_common_options] (0x0100): No AD server set, will use service discovery!
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [ad_get_common_options] (0x0100): The hostname [bluefin] has been expanded to FQDN [bluefin]. If sssd should really use the short hostname, please set ad_hostname explicitly.
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [ad_get_common_options] (0x0100): Setting ad_hostname to [bluefin].
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [ad_get_common_options] (0x0100): Setting domain option case_sensitive to [false]
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [krb5_service_new] (0x0100): write_kdcinfo for realm CO.CHAMPAIGN.IL.US set to false
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [fo_new_service] (0x0400): Creating new service 'AD'
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [fo_new_service] (0x0400): Creating new service 'AD_GC'
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [ad_failover_init] (0x0100): No primary servers defined, using service discovery
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [resolv_is_address] (0x4000): [_srv_] does not look like an IP address
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [fo_add_srv_server] (0x0400): Adding new SRV server to service 'AD_GC' using 'tcp'.
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [fo_add_srv_server] (0x0400): Adding new SRV server to service 'AD' using 'tcp'.
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [_ad_servers_init] (0x0100): Added service discovery for AD
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_uri has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_backup_uri has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_search_base has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_default_bind_dn has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_default_authtok_type has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_default_authtok has no binary value.
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_search_timeout has value 6
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_network_timeout has value 6
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_opt_timeout has value 8
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_tls_reqcert has value hard
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_user_search_base has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_user_search_scope has value sub
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_user_search_filter has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_user_extra_attrs has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_group_search_base has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_group_search_scope has value sub
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_group_search_filter has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_host_search_base has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_service_search_base has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_sudo_search_base has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_sudo_full_refresh_interval has value 21600
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_sudo_smart_refresh_interval has value 900
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_sudo_random_offset has value 0
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_sudo_use_host_filter is TRUE
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_sudo_hostnames has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_sudo_ip has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_sudo_include_netgroups is TRUE
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_sudo_include_regexp is FALSE
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_autofs_search_base has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_autofs_map_master_name has value auto.master
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_iphost_search_base has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_ipnetwork_search_base has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_schema has value ad
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_pwmodify_mode has value exop
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_offline_timeout has value 60
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_force_upper_case_realm is TRUE
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_enumeration_refresh_timeout has value 300
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_enumeration_refresh_offset has value 30
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_purge_cache_timeout has value 0
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_purge_cache_offset has value 0
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_tls_cacert has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_tls_cacertdir has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_tls_cert has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_tls_key has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_tls_cipher_suite has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_id_use_start_tls is FALSE
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_id_mapping is TRUE
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_sasl_mech has value GSS-SPNEGO
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_sasl_authid has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_sasl_realm has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_sasl_minssf has value -1
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_sasl_maxssf has value -1
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_krb5_keytab has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_krb5_init_creds is TRUE
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option krb5_server has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option krb5_backup_server has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option krb5_realm has value CO.CHAMPAIGN.IL.US
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option krb5_canonicalize is FALSE
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option krb5_use_kdcinfo is TRUE
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option krb5_kdcinfo_lookahead has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_pwd_policy has value none
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_referrals is FALSE
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option account_cache_expiration has value 0
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_dns_service_name has value ldap
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_krb5_ticket_lifetime has value 86400
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_access_filter has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_netgroup_search_base has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_group_nesting_level has value 2
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_deref has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_account_expire_policy has value ad
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_access_order has value filter
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_chpass_uri has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_chpass_backup_uri has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_chpass_dns_service_name has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_chpass_update_last_change is FALSE
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_enumeration_search_timeout has value 60
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_auth_disable_tls_never_use_in_production is FALSE
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_page_size has value 1000
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_deref_threshold has value 10
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_ignore_unreadable_references is FALSE
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_sasl_canonicalize is FALSE
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_connection_expire_timeout has value 900
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_connection_expire_offset has value 0
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_connection_idle_timeout has value 900
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_disable_paging is FALSE
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_idmap_range_min has value 200000
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_idmap_range_max has value 2000200000
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_idmap_range_size has value 200000
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_idmap_autorid_compat is FALSE
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_idmap_default_domain has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_idmap_default_domain_sid has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_idmap_helper_table_size has value 10
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_use_tokengroups is TRUE
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_rfc2307_fallback_to_local_users is FALSE
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_disable_range_retrieval is FALSE
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_min_id has value 0
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_max_id has value 0
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_pwdlockout_dn has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option wildcard_limit has value 1000
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_library_debug_level has value 0
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_use_ppolicy is TRUE
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_ppolicy_pwd_change_threshold has value 0
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_entry_usn has value uSNChanged
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_rootdse_last_usn has value highestCommittedUSN
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_object_class has value user
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_name has value sAMAccountName
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_pwd has value unixUserPassword
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_uid_number has value uidNumber
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_gid_number has value gidNumber
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_gecos has value gecos
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_home_directory has value unixHomeDirectory
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_shell has value loginShell
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_principal has value userPrincipalName
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_fullname has value name
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_member_of has value memberOf
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_uuid has value objectGUID
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_objectsid has value objectSID
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_primary_group has value primaryGroupID
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_modify_timestamp has value whenChanged
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_entry_usn has value uSNChanged
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_shadow_last_change has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_shadow_min has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_shadow_max has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_shadow_warning has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_shadow_inactive has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_shadow_expire has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_shadow_flag has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_krb_last_pwd_change has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_krb_password_expiration has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_pwd_attribute has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_authorized_service has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_ad_account_expires has value accountExpires
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_ad_user_account_control has value userAccountControl
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_ns_account_lock has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_authorized_host has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_authorized_rhost has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_nds_login_disabled has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_nds_login_expiration_time has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_nds_login_allowed_time_map has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_ssh_public_key has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_auth_type has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_certificate has value userCertificate;binary
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_email has value mail
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ==NO OPTION== has value sAMAccountName
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_passkey has value altSecurityIdentities
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_group_object_class has value group
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_group_object_class_alt has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_group_name has value sAMAccountName
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_group_pwd has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_group_gid_number has value gidNumber
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_group_member has value member
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_group_uuid has value objectGUID
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_group_objectsid has value objectSID
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_group_modify_timestamp has value whenChanged
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_group_entry_usn has value uSNChanged
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_group_type has value groupType
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_group_external_member has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_netgroup_object_class has value nisNetgroup
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_netgroup_name has value cn
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_netgroup_member has value memberNisNetgroup
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_netgroup_triple has value nisNetgroupTriple
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_netgroup_modify_timestamp has value modifyTimestamp
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_service_object_class has value ipService
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_service_name has value cn
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_service_port has value ipServicePort
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_service_proto has value ipServiceProtocol
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_service_entry_usn has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_iphost_object_class has value device
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_iphost_name has value cn
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_iphost_number has value ipHostNumber
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_iphost_entry_usn has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_ipnetwork_object_class has value ipNetwork
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_ipnetwork_name has value cn
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_ipnetwork_number has value ipNetworkNumber
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_ipnetwork_entry_usn has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [ad_set_sdap_options] (0x0100): Option krb5_realm set to CO.CHAMPAIGN.IL.US
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_set_sasl_options] (0x0100): Will look for [email protected] in default keytab
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [create_child_req_send_buffer] (0x0400): buffer size: 53
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_select_principal_from_keytab_sync] (0x0020): Failed to get principal from keytab (sss_atomic_read_s() failed), see ldap_child.log (pid = 1677) for details.
********************** BACKTRACE DUMP ENDS HERE *********************************

(2025-01-07 10:31:36): [be[co.champaign.il.us]] [ad_set_sdap_options] (0x0040): Cannot set the SASL-related options
(2025-01-07 10:31:36): [be[co.champaign.il.us]] [sssm_ad_init] (0x0020): Unable to init AD id options
********************** PREVIOUS MESSAGE WAS TRIGGERED BY THE FOLLOWING BACKTRACE:
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [ad_set_sdap_options] (0x0040): Cannot set the SASL-related options
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sssm_ad_init] (0x0020): Unable to init AD id options
********************** BACKTRACE DUMP ENDS HERE *********************************

(2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_module_run_constructor] (0x0010): Module [ad] constructor failed [5]: Input/output error
(2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_load_module] (0x0020): Unable to create DP module.
********************** PREVIOUS MESSAGE WAS TRIGGERED BY THE FOLLOWING BACKTRACE:
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_module_run_constructor] (0x0010): Module [ad] constructor failed [5]: Input/output error
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_load_module] (0x0020): Unable to create DP module.
********************** BACKTRACE DUMP ENDS HERE *********************************

(2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_target_init] (0x0010): Unable to load module ad
(2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_load_targets] (0x0020): Unable to load target [id] [80]: Accessing a corrupted shared library.
********************** PREVIOUS MESSAGE WAS TRIGGERED BY THE FOLLOWING BACKTRACE:
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_target_init] (0x0010): Unable to load module ad
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_load_targets] (0x0020): Unable to load target [id] [80]: Accessing a corrupted shared library.
********************** BACKTRACE DUMP ENDS HERE *********************************

(2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_init] (0x0020): Unable to initialize DP targets [1432158209]: Internal Error
(2025-01-07 10:31:36): [be[co.champaign.il.us]] [be_process_init] (0x0010): Unable to setup data provider [1432158209]: Internal Error
********************** PREVIOUS MESSAGE WAS TRIGGERED BY THE FOLLOWING BACKTRACE:
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_init] (0x0020): Unable to initialize DP targets [1432158209]: Internal Error
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_terminate_active_requests] (0x0400): Terminating active data provider requests
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [be_process_init] (0x0010): Unable to setup data provider [1432158209]: Internal Error
********************** BACKTRACE DUMP ENDS HERE *********************************

(2025-01-07 10:31:36): [be[co.champaign.il.us]] [main] (0x0010): Could not initialize backend [1432158209]
(2025-01-07 10:31:36): [be[co.champaign.il.us]] [server_setup] (0x3f7c0): Starting with debug level = 0x0070
(2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_select_principal_from_keytab_sync] (0x0020): Failed to get principal from keytab (sss_atomic_read_s() failed), see ldap_child.log (pid = 1687) for details.
********************** PREVIOUS MESSAGE WAS TRIGGERED BY THE FOLLOWING BACKTRACE:
   *  [be[co.champaign.il.us]] [ldb] (0x0400): server_sort:Unable to register control with rootdse!
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [server_setup] (0x0400): CONFDB: /var/lib/sss/db/config.ldb
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option lookup_family_order has value ipv4_first
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option dns_resolver_timeout has value 6
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option dns_resolver_op_timeout has value 3
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option dns_resolver_server_timeout has value 1000
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option dns_resolver_use_search_list is TRUE
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option dns_discovery_domain has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option failover_primary_timeout has value 31
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [be_res_get_opts] (0x0100): Lookup order: ipv4_first
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [recreate_ares_channel] (0x0100): Initializing new c-ares channel
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [fo_context_init] (0x0400): Created new fail over context, retry timeout is 30
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [confdb_init_domain_provider_and_enum] (0x0400): No enumeration for [co.champaign.il.us]
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [confdb_init_domain_pwd_expire] (0x1000): pwd_expiration_warning is -1
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sysdb_domain_init_internal] (0x0200): DB File for co.champaign.il.us: /var/lib/sss/db/cache_co.champaign.il.us.ldb
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sysdb_domain_init_internal] (0x0200): Timestamp file for co.champaign.il.us: /var/lib/sss/db/timestamps_co.champaign.il.us.ldb
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sysdb_ldb_connect] (0x4000): No ldb module path set in env
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [ldb] (0x0400): asq: Unable to register control with rootdse!
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sysdb_ldb_connect] (0x4000): No ldb module path set in env
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sss_domain_get_state] (0x1000): Domain co.champaign.il.us is Active
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sss_names_init_from_args] (0x0100): Using re [^(((?P<domain>[^\\]+)\\(?P<name>.+))|((?P<name>.+)@(?P<domain>[^@]+))|((?P<name>[^@\\]+)))$].
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sss_fqnames_init] (0x0100): Using fq format [%1$s@%2$s].
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sbus_dbus_connect_address] (0x0400): Connected to unix:path=/var/lib/sss/pipes/private/sbus-master bus as sssd.domain_co_2echampaign_2eil_2eus
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sbus_router_add_path] (0x0400): Registering interface org.freedesktop.DBus.Introspectable on path /
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sbus_router_add_path] (0x0400): Registering interface org.freedesktop.DBus.Introspectable on path /*
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sbus_router_add_path] (0x0400): Registering interface org.freedesktop.DBus.Properties on path /
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sbus_router_add_path] (0x0400): Registering interface org.freedesktop.DBus.Properties on path /*
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sbus_watch_add] (0x2000): Created a disabled -/W watch on 15
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sbus_watch_toggle] (0x4000): Toggle to enabled R/- watch on 15
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sbus_router_listen] (0x0400): Registering signal listener org.freedesktop.DBus.NameOwnerChanged on path /org/freedesktop/DBus
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sbus_router_listen] (0x0400): Registering signal listener org.freedesktop.DBus.NameAcquired on path /org/freedesktop/DBus
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_load_configuration] (0x0100): Using [ad] provider for [id]
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_load_configuration] (0x0100): Using [ad] provider for [auth]
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_load_configuration] (0x0100): Using [simple] provider for [access]
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_load_configuration] (0x0100): Using [ad] provider for [chpass]
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_load_configuration] (0x0100): Using [ad] provider for [sudo]
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_load_configuration] (0x0100): Using [ad] provider for [autofs]
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_load_configuration] (0x0100): Using [ad] provider for [selinux]
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_load_configuration] (0x0100): Using [ad] provider for [hostid]
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_load_configuration] (0x0100): Using [ad] provider for [subdomains]
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_load_configuration] (0x0100): Using [ad] provider for [session]
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_load_configuration] (0x0100): Using [ad] provider for [resolver]
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_target_init] (0x0400): Initializing target [id] with module [ad]
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_load_module] (0x0400): About to load module [ad].
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_module_open_lib] (0x1000): Loading module [ad] with path [/usr/lib64/sssd/libsss_ad.so]
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_module_run_constructor] (0x0400): Executing module [ad] constructor.
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_domain has value co.champaign.il.us
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_enabled_domains has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_server has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_backup_server has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_hostname has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option krb5_keytab has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option krb5_realm has value CO.CHAMPAIGN.IL.US
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_enable_dns_sites is TRUE
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_access_filter has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_enable_gc is TRUE
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_gpo_access_control has value enforcing
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_gpo_implicit_deny is FALSE
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_gpo_ignore_unreadable is TRUE
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_gpo_cache_timeout has value 5
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_gpo_map_interactive has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_gpo_map_remote_interactive has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_gpo_map_network has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_gpo_map_batch has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_gpo_map_service has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_gpo_map_permit has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_gpo_map_deny has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_gpo_default_right has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_site has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option krb5_confd_path has value /var/lib/sss/pubconf/krb5.include.d
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_maximum_machine_account_password_age has value 30
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_machine_account_password_renewal_opts has value 86400:750:300
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_update_samba_machine_account_password is FALSE
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_use_ldaps is FALSE
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [ad_get_common_options] (0x0100): No AD server set, will use service discovery!
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [ad_get_common_options] (0x0100): The hostname [bluefin] has been expanded to FQDN [bluefin]. If sssd should really use the short hostname, please set ad_hostname explicitly.
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [ad_get_common_options] (0x0100): Setting ad_hostname to [bluefin].
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [ad_get_common_options] (0x0100): Setting domain option case_sensitive to [false]
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [krb5_service_new] (0x0100): write_kdcinfo for realm CO.CHAMPAIGN.IL.US set to false
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [fo_new_service] (0x0400): Creating new service 'AD'
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [fo_new_service] (0x0400): Creating new service 'AD_GC'
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [ad_failover_init] (0x0100): No primary servers defined, using service discovery
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [resolv_is_address] (0x4000): [_srv_] does not look like an IP address
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [fo_add_srv_server] (0x0400): Adding new SRV server to service 'AD_GC' using 'tcp'.
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [fo_add_srv_server] (0x0400): Adding new SRV server to service 'AD' using 'tcp'.
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [_ad_servers_init] (0x0100): Added service discovery for AD
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_uri has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_backup_uri has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_search_base has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_default_bind_dn has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_default_authtok_type has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_default_authtok has no binary value.
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_search_timeout has value 6
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_network_timeout has value 6
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_opt_timeout has value 8
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_tls_reqcert has value hard
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_user_search_base has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_user_search_scope has value sub
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_user_search_filter has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_user_extra_attrs has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_group_search_base has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_group_search_scope has value sub
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_group_search_filter has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_host_search_base has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_service_search_base has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_sudo_search_base has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_sudo_full_refresh_interval has value 21600
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_sudo_smart_refresh_interval has value 900
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_sudo_random_offset has value 0
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_sudo_use_host_filter is TRUE
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_sudo_hostnames has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_sudo_ip has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_sudo_include_netgroups is TRUE
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_sudo_include_regexp is FALSE
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_autofs_search_base has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_autofs_map_master_name has value auto.master
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_iphost_search_base has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_ipnetwork_search_base has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_schema has value ad
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_pwmodify_mode has value exop
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_offline_timeout has value 60
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_force_upper_case_realm is TRUE
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_enumeration_refresh_timeout has value 300
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_enumeration_refresh_offset has value 30
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_purge_cache_timeout has value 0
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_purge_cache_offset has value 0
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_tls_cacert has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_tls_cacertdir has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_tls_cert has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_tls_key has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_tls_cipher_suite has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_id_use_start_tls is FALSE
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_id_mapping is TRUE
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_sasl_mech has value GSS-SPNEGO
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_sasl_authid has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_sasl_realm has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_sasl_minssf has value -1
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_sasl_maxssf has value -1
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_krb5_keytab has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_krb5_init_creds is TRUE
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option krb5_server has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option krb5_backup_server has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option krb5_realm has value CO.CHAMPAIGN.IL.US
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option krb5_canonicalize is FALSE
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option krb5_use_kdcinfo is TRUE
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option krb5_kdcinfo_lookahead has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_pwd_policy has value none
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_referrals is FALSE
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option account_cache_expiration has value 0
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_dns_service_name has value ldap
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_krb5_ticket_lifetime has value 86400
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_access_filter has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_netgroup_search_base has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_group_nesting_level has value 2
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_deref has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_account_expire_policy has value ad
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_access_order has value filter
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_chpass_uri has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_chpass_backup_uri has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_chpass_dns_service_name has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_chpass_update_last_change is FALSE
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_enumeration_search_timeout has value 60
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_auth_disable_tls_never_use_in_production is FALSE
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_page_size has value 1000
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_deref_threshold has value 10
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_ignore_unreadable_references is FALSE
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_sasl_canonicalize is FALSE
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_connection_expire_timeout has value 900
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_connection_expire_offset has value 0
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_connection_idle_timeout has value 900
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_disable_paging is FALSE
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_idmap_range_min has value 200000
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_idmap_range_max has value 2000200000
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_idmap_range_size has value 200000
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_idmap_autorid_compat is FALSE
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_idmap_default_domain has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_idmap_default_domain_sid has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_idmap_helper_table_size has value 10
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_use_tokengroups is TRUE
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_rfc2307_fallback_to_local_users is FALSE
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_disable_range_retrieval is FALSE
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_min_id has value 0
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_max_id has value 0
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_pwdlockout_dn has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option wildcard_limit has value 1000
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_library_debug_level has value 0
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_use_ppolicy is TRUE
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_ppolicy_pwd_change_threshold has value 0
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_entry_usn has value uSNChanged
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_rootdse_last_usn has value highestCommittedUSN
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_object_class has value user
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_name has value sAMAccountName
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_pwd has value unixUserPassword
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_uid_number has value uidNumber
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_gid_number has value gidNumber
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_gecos has value gecos
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_home_directory has value unixHomeDirectory
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_shell has value loginShell
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_principal has value userPrincipalName
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_fullname has value name
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_member_of has value memberOf
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_uuid has value objectGUID
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_objectsid has value objectSID
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_primary_group has value primaryGroupID
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_modify_timestamp has value whenChanged
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_entry_usn has value uSNChanged
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_shadow_last_change has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_shadow_min has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_shadow_max has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_shadow_warning has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_shadow_inactive has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_shadow_expire has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_shadow_flag has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_krb_last_pwd_change has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_krb_password_expiration has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_pwd_attribute has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_authorized_service has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_ad_account_expires has value accountExpires
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_ad_user_account_control has value userAccountControl
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_ns_account_lock has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_authorized_host has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_authorized_rhost has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_nds_login_disabled has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_nds_login_expiration_time has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_nds_login_allowed_time_map has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_ssh_public_key has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_auth_type has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_certificate has value userCertificate;binary
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_email has value mail
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ==NO OPTION== has value sAMAccountName
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_passkey has value altSecurityIdentities
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_group_object_class has value group
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_group_object_class_alt has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_group_name has value sAMAccountName
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_group_pwd has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_group_gid_number has value gidNumber
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_group_member has value member
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_group_uuid has value objectGUID
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_group_objectsid has value objectSID
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_group_modify_timestamp has value whenChanged
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_group_entry_usn has value uSNChanged
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_group_type has value groupType
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_group_external_member has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_netgroup_object_class has value nisNetgroup
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_netgroup_name has value cn
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_netgroup_member has value memberNisNetgroup
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_netgroup_triple has value nisNetgroupTriple
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_netgroup_modify_timestamp has value modifyTimestamp
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_service_object_class has value ipService
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_service_name has value cn
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_service_port has value ipServicePort
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_service_proto has value ipServiceProtocol
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_service_entry_usn has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_iphost_object_class has value device
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_iphost_name has value cn
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_iphost_number has value ipHostNumber
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_iphost_entry_usn has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_ipnetwork_object_class has value ipNetwork
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_ipnetwork_name has value cn
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_ipnetwork_number has value ipNetworkNumber
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_ipnetwork_entry_usn has no value 
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [ad_set_sdap_options] (0x0100): Option krb5_realm set to CO.CHAMPAIGN.IL.US
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_set_sasl_options] (0x0100): Will look for [email protected] in default keytab
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [create_child_req_send_buffer] (0x0400): buffer size: 53
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sdap_select_principal_from_keytab_sync] (0x0020): Failed to get principal from keytab (sss_atomic_read_s() failed), see ldap_child.log (pid = 1687) for details.
********************** BACKTRACE DUMP ENDS HERE *********************************

(2025-01-07 10:31:36): [be[co.champaign.il.us]] [ad_set_sdap_options] (0x0040): Cannot set the SASL-related options
(2025-01-07 10:31:36): [be[co.champaign.il.us]] [sssm_ad_init] (0x0020): Unable to init AD id options
********************** PREVIOUS MESSAGE WAS TRIGGERED BY THE FOLLOWING BACKTRACE:
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [ad_set_sdap_options] (0x0040): Cannot set the SASL-related options
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [sssm_ad_init] (0x0020): Unable to init AD id options
********************** BACKTRACE DUMP ENDS HERE *********************************

(2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_module_run_constructor] (0x0010): Module [ad] constructor failed [5]: Input/output error
(2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_load_module] (0x0020): Unable to create DP module.
********************** PREVIOUS MESSAGE WAS TRIGGERED BY THE FOLLOWING BACKTRACE:
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_module_run_constructor] (0x0010): Module [ad] constructor failed [5]: Input/output error
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_load_module] (0x0020): Unable to create DP module.
********************** BACKTRACE DUMP ENDS HERE *********************************

(2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_target_init] (0x0010): Unable to load module ad
(2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_load_targets] (0x0020): Unable to load target [id] [80]: Accessing a corrupted shared library.
********************** PREVIOUS MESSAGE WAS TRIGGERED BY THE FOLLOWING BACKTRACE:
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_target_init] (0x0010): Unable to load module ad
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_load_targets] (0x0020): Unable to load target [id] [80]: Accessing a corrupted shared library.
********************** BACKTRACE DUMP ENDS HERE *********************************

(2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_init] (0x0020): Unable to initialize DP targets [1432158209]: Internal Error
(2025-01-07 10:31:36): [be[co.champaign.il.us]] [be_process_init] (0x0010): Unable to setup data provider [1432158209]: Internal Error
********************** PREVIOUS MESSAGE WAS TRIGGERED BY THE FOLLOWING BACKTRACE:
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_init] (0x0020): Unable to initialize DP targets [1432158209]: Internal Error
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [dp_terminate_active_requests] (0x0400): Terminating active data provider requests
   *  (2025-01-07 10:31:36): [be[co.champaign.il.us]] [be_process_init] (0x0010): Unable to setup data provider [1432158209]: Internal Error
********************** BACKTRACE DUMP ENDS HERE *********************************

(2025-01-07 10:31:36): [be[co.champaign.il.us]] [main] (0x0010): Could not initialize backend [1432158209]
(2025-01-07 10:31:38): [be[co.champaign.il.us]] [server_setup] (0x3f7c0): Starting with debug level = 0x0070
(2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_select_principal_from_keytab_sync] (0x0020): Failed to get principal from keytab (sss_atomic_read_s() failed), see ldap_child.log (pid = 1939) for details.
********************** PREVIOUS MESSAGE WAS TRIGGERED BY THE FOLLOWING BACKTRACE:
   *  [be[co.champaign.il.us]] [ldb] (0x0400): server_sort:Unable to register control with rootdse!
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [server_setup] (0x0400): CONFDB: /var/lib/sss/db/config.ldb
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option lookup_family_order has value ipv4_first
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option dns_resolver_timeout has value 6
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option dns_resolver_op_timeout has value 3
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option dns_resolver_server_timeout has value 1000
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option dns_resolver_use_search_list is TRUE
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option dns_discovery_domain has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option failover_primary_timeout has value 31
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [be_res_get_opts] (0x0100): Lookup order: ipv4_first
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [recreate_ares_channel] (0x0100): Initializing new c-ares channel
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [fo_context_init] (0x0400): Created new fail over context, retry timeout is 30
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [confdb_init_domain_provider_and_enum] (0x0400): No enumeration for [co.champaign.il.us]
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [confdb_init_domain_pwd_expire] (0x1000): pwd_expiration_warning is -1
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sysdb_domain_init_internal] (0x0200): DB File for co.champaign.il.us: /var/lib/sss/db/cache_co.champaign.il.us.ldb
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sysdb_domain_init_internal] (0x0200): Timestamp file for co.champaign.il.us: /var/lib/sss/db/timestamps_co.champaign.il.us.ldb
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sysdb_ldb_connect] (0x4000): No ldb module path set in env
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [ldb] (0x0400): asq: Unable to register control with rootdse!
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sysdb_ldb_connect] (0x4000): No ldb module path set in env
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sss_domain_get_state] (0x1000): Domain co.champaign.il.us is Active
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sss_names_init_from_args] (0x0100): Using re [^(((?P<domain>[^\\]+)\\(?P<name>.+))|((?P<name>.+)@(?P<domain>[^@]+))|((?P<name>[^@\\]+)))$].
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sss_fqnames_init] (0x0100): Using fq format [%1$s@%2$s].
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sbus_dbus_connect_address] (0x0400): Connected to unix:path=/var/lib/sss/pipes/private/sbus-master bus as sssd.domain_co_2echampaign_2eil_2eus
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sbus_router_add_path] (0x0400): Registering interface org.freedesktop.DBus.Introspectable on path /
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sbus_router_add_path] (0x0400): Registering interface org.freedesktop.DBus.Introspectable on path /*
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sbus_router_add_path] (0x0400): Registering interface org.freedesktop.DBus.Properties on path /
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sbus_router_add_path] (0x0400): Registering interface org.freedesktop.DBus.Properties on path /*
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sbus_watch_add] (0x2000): Created a disabled -/W watch on 15
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sbus_watch_toggle] (0x4000): Toggle to enabled R/- watch on 15
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sbus_router_listen] (0x0400): Registering signal listener org.freedesktop.DBus.NameOwnerChanged on path /org/freedesktop/DBus
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sbus_router_listen] (0x0400): Registering signal listener org.freedesktop.DBus.NameAcquired on path /org/freedesktop/DBus
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_load_configuration] (0x0100): Using [ad] provider for [id]
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_load_configuration] (0x0100): Using [ad] provider for [auth]
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_load_configuration] (0x0100): Using [simple] provider for [access]
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_load_configuration] (0x0100): Using [ad] provider for [chpass]
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_load_configuration] (0x0100): Using [ad] provider for [sudo]
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_load_configuration] (0x0100): Using [ad] provider for [autofs]
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_load_configuration] (0x0100): Using [ad] provider for [selinux]
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_load_configuration] (0x0100): Using [ad] provider for [hostid]
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_load_configuration] (0x0100): Using [ad] provider for [subdomains]
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_load_configuration] (0x0100): Using [ad] provider for [session]
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_load_configuration] (0x0100): Using [ad] provider for [resolver]
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_target_init] (0x0400): Initializing target [id] with module [ad]
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_load_module] (0x0400): About to load module [ad].
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_module_open_lib] (0x1000): Loading module [ad] with path [/usr/lib64/sssd/libsss_ad.so]
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_module_run_constructor] (0x0400): Executing module [ad] constructor.
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_domain has value co.champaign.il.us
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_enabled_domains has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_server has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_backup_server has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_hostname has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option krb5_keytab has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option krb5_realm has value CO.CHAMPAIGN.IL.US
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_enable_dns_sites is TRUE
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_access_filter has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_enable_gc is TRUE
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_gpo_access_control has value enforcing
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_gpo_implicit_deny is FALSE
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_gpo_ignore_unreadable is TRUE
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_gpo_cache_timeout has value 5
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_gpo_map_interactive has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_gpo_map_remote_interactive has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_gpo_map_network has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_gpo_map_batch has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_gpo_map_service has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_gpo_map_permit has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_gpo_map_deny has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_gpo_default_right has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_site has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option krb5_confd_path has value /var/lib/sss/pubconf/krb5.include.d
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_maximum_machine_account_password_age has value 30
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_machine_account_password_renewal_opts has value 86400:750:300
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_update_samba_machine_account_password is FALSE
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_use_ldaps is FALSE
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [ad_get_common_options] (0x0100): No AD server set, will use service discovery!
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [ad_get_common_options] (0x0100): The hostname [bluefin] has been expanded to FQDN [bluefin]. If sssd should really use the short hostname, please set ad_hostname explicitly.
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [ad_get_common_options] (0x0100): Setting ad_hostname to [bluefin].
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [ad_get_common_options] (0x0100): Setting domain option case_sensitive to [false]
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [krb5_service_new] (0x0100): write_kdcinfo for realm CO.CHAMPAIGN.IL.US set to false
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [fo_new_service] (0x0400): Creating new service 'AD'
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [fo_new_service] (0x0400): Creating new service 'AD_GC'
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [ad_failover_init] (0x0100): No primary servers defined, using service discovery
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [resolv_is_address] (0x4000): [_srv_] does not look like an IP address
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [fo_add_srv_server] (0x0400): Adding new SRV server to service 'AD_GC' using 'tcp'.
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [fo_add_srv_server] (0x0400): Adding new SRV server to service 'AD' using 'tcp'.
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [_ad_servers_init] (0x0100): Added service discovery for AD
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_uri has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_backup_uri has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_search_base has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_default_bind_dn has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_default_authtok_type has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_default_authtok has no binary value.
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_search_timeout has value 6
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_network_timeout has value 6
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_opt_timeout has value 8
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_tls_reqcert has value hard
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_user_search_base has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_user_search_scope has value sub
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_user_search_filter has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_user_extra_attrs has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_group_search_base has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_group_search_scope has value sub
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_group_search_filter has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_host_search_base has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_service_search_base has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_sudo_search_base has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_sudo_full_refresh_interval has value 21600
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_sudo_smart_refresh_interval has value 900
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_sudo_random_offset has value 0
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_sudo_use_host_filter is TRUE
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_sudo_hostnames has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_sudo_ip has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_sudo_include_netgroups is TRUE
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_sudo_include_regexp is FALSE
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_autofs_search_base has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_autofs_map_master_name has value auto.master
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_iphost_search_base has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_ipnetwork_search_base has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_schema has value ad
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_pwmodify_mode has value exop
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_offline_timeout has value 60
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_force_upper_case_realm is TRUE
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_enumeration_refresh_timeout has value 300
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_enumeration_refresh_offset has value 30
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_purge_cache_timeout has value 0
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_purge_cache_offset has value 0
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_tls_cacert has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_tls_cacertdir has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_tls_cert has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_tls_key has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_tls_cipher_suite has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_id_use_start_tls is FALSE
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_id_mapping is TRUE
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_sasl_mech has value GSS-SPNEGO
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_sasl_authid has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_sasl_realm has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_sasl_minssf has value -1
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_sasl_maxssf has value -1
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_krb5_keytab has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_krb5_init_creds is TRUE
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option krb5_server has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option krb5_backup_server has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option krb5_realm has value CO.CHAMPAIGN.IL.US
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option krb5_canonicalize is FALSE
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option krb5_use_kdcinfo is TRUE
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option krb5_kdcinfo_lookahead has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_pwd_policy has value none
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_referrals is FALSE
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option account_cache_expiration has value 0
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_dns_service_name has value ldap
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_krb5_ticket_lifetime has value 86400
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_access_filter has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_netgroup_search_base has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_group_nesting_level has value 2
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_deref has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_account_expire_policy has value ad
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_access_order has value filter
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_chpass_uri has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_chpass_backup_uri has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_chpass_dns_service_name has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_chpass_update_last_change is FALSE
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_enumeration_search_timeout has value 60
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_auth_disable_tls_never_use_in_production is FALSE
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_page_size has value 1000
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_deref_threshold has value 10
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_ignore_unreadable_references is FALSE
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_sasl_canonicalize is FALSE
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_connection_expire_timeout has value 900
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_connection_expire_offset has value 0
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_connection_idle_timeout has value 900
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_disable_paging is FALSE
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_idmap_range_min has value 200000
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_idmap_range_max has value 2000200000
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_idmap_range_size has value 200000
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_idmap_autorid_compat is FALSE
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_idmap_default_domain has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_idmap_default_domain_sid has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_idmap_helper_table_size has value 10
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_use_tokengroups is TRUE
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_rfc2307_fallback_to_local_users is FALSE
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_disable_range_retrieval is FALSE
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_min_id has value 0
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_max_id has value 0
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_pwdlockout_dn has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option wildcard_limit has value 1000
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_library_debug_level has value 0
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_use_ppolicy is TRUE
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_ppolicy_pwd_change_threshold has value 0
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_entry_usn has value uSNChanged
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_rootdse_last_usn has value highestCommittedUSN
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_object_class has value user
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_name has value sAMAccountName
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_pwd has value unixUserPassword
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_uid_number has value uidNumber
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_gid_number has value gidNumber
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_gecos has value gecos
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_home_directory has value unixHomeDirectory
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_shell has value loginShell
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_principal has value userPrincipalName
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_fullname has value name
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_member_of has value memberOf
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_uuid has value objectGUID
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_objectsid has value objectSID
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_primary_group has value primaryGroupID
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_modify_timestamp has value whenChanged
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_entry_usn has value uSNChanged
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_shadow_last_change has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_shadow_min has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_shadow_max has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_shadow_warning has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_shadow_inactive has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_shadow_expire has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_shadow_flag has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_krb_last_pwd_change has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_krb_password_expiration has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_pwd_attribute has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_authorized_service has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_ad_account_expires has value accountExpires
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_ad_user_account_control has value userAccountControl
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_ns_account_lock has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_authorized_host has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_authorized_rhost has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_nds_login_disabled has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_nds_login_expiration_time has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_nds_login_allowed_time_map has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_ssh_public_key has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_auth_type has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_certificate has value userCertificate;binary
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_email has value mail
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ==NO OPTION== has value sAMAccountName
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_passkey has value altSecurityIdentities
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_group_object_class has value group
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_group_object_class_alt has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_group_name has value sAMAccountName
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_group_pwd has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_group_gid_number has value gidNumber
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_group_member has value member
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_group_uuid has value objectGUID
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_group_objectsid has value objectSID
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_group_modify_timestamp has value whenChanged
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_group_entry_usn has value uSNChanged
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_group_type has value groupType
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_group_external_member has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_netgroup_object_class has value nisNetgroup
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_netgroup_name has value cn
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_netgroup_member has value memberNisNetgroup
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_netgroup_triple has value nisNetgroupTriple
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_netgroup_modify_timestamp has value modifyTimestamp
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_service_object_class has value ipService
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_service_name has value cn
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_service_port has value ipServicePort
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_service_proto has value ipServiceProtocol
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_service_entry_usn has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_iphost_object_class has value device
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_iphost_name has value cn
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_iphost_number has value ipHostNumber
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_iphost_entry_usn has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_ipnetwork_object_class has value ipNetwork
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_ipnetwork_name has value cn
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_ipnetwork_number has value ipNetworkNumber
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_ipnetwork_entry_usn has no value 
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [ad_set_sdap_options] (0x0100): Option krb5_realm set to CO.CHAMPAIGN.IL.US
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_set_sasl_options] (0x0100): Will look for [email protected] in default keytab
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [create_child_req_send_buffer] (0x0400): buffer size: 53
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sdap_select_principal_from_keytab_sync] (0x0020): Failed to get principal from keytab (sss_atomic_read_s() failed), see ldap_child.log (pid = 1939) for details.
********************** BACKTRACE DUMP ENDS HERE *********************************

(2025-01-07 10:31:38): [be[co.champaign.il.us]] [ad_set_sdap_options] (0x0040): Cannot set the SASL-related options
(2025-01-07 10:31:38): [be[co.champaign.il.us]] [sssm_ad_init] (0x0020): Unable to init AD id options
********************** PREVIOUS MESSAGE WAS TRIGGERED BY THE FOLLOWING BACKTRACE:
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [ad_set_sdap_options] (0x0040): Cannot set the SASL-related options
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [sssm_ad_init] (0x0020): Unable to init AD id options
********************** BACKTRACE DUMP ENDS HERE *********************************

(2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_module_run_constructor] (0x0010): Module [ad] constructor failed [5]: Input/output error
(2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_load_module] (0x0020): Unable to create DP module.
********************** PREVIOUS MESSAGE WAS TRIGGERED BY THE FOLLOWING BACKTRACE:
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_module_run_constructor] (0x0010): Module [ad] constructor failed [5]: Input/output error
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_load_module] (0x0020): Unable to create DP module.
********************** BACKTRACE DUMP ENDS HERE *********************************

(2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_target_init] (0x0010): Unable to load module ad
(2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_load_targets] (0x0020): Unable to load target [id] [80]: Accessing a corrupted shared library.
********************** PREVIOUS MESSAGE WAS TRIGGERED BY THE FOLLOWING BACKTRACE:
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_target_init] (0x0010): Unable to load module ad
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_load_targets] (0x0020): Unable to load target [id] [80]: Accessing a corrupted shared library.
********************** BACKTRACE DUMP ENDS HERE *********************************

(2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_init] (0x0020): Unable to initialize DP targets [1432158209]: Internal Error
(2025-01-07 10:31:38): [be[co.champaign.il.us]] [be_process_init] (0x0010): Unable to setup data provider [1432158209]: Internal Error
********************** PREVIOUS MESSAGE WAS TRIGGERED BY THE FOLLOWING BACKTRACE:
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_init] (0x0020): Unable to initialize DP targets [1432158209]: Internal Error
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [dp_terminate_active_requests] (0x0400): Terminating active data provider requests
   *  (2025-01-07 10:31:38): [be[co.champaign.il.us]] [be_process_init] (0x0010): Unable to setup data provider [1432158209]: Internal Error
********************** BACKTRACE DUMP ENDS HERE *********************************

(2025-01-07 10:31:38): [be[co.champaign.il.us]] [main] (0x0010): Could not initialize backend [1432158209]
(2025-01-07 10:31:42): [be[co.champaign.il.us]] [server_setup] (0x3f7c0): Starting with debug level = 0x0070
(2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_select_principal_from_keytab_sync] (0x0020): Failed to get principal from keytab (sss_atomic_read_s() failed), see ldap_child.log (pid = 1989) for details.
********************** PREVIOUS MESSAGE WAS TRIGGERED BY THE FOLLOWING BACKTRACE:
   *  [be[co.champaign.il.us]] [ldb] (0x0400): server_sort:Unable to register control with rootdse!
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [server_setup] (0x0400): CONFDB: /var/lib/sss/db/config.ldb
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option lookup_family_order has value ipv4_first
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option dns_resolver_timeout has value 6
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option dns_resolver_op_timeout has value 3
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option dns_resolver_server_timeout has value 1000
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option dns_resolver_use_search_list is TRUE
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option dns_discovery_domain has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option failover_primary_timeout has value 31
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [be_res_get_opts] (0x0100): Lookup order: ipv4_first
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [recreate_ares_channel] (0x0100): Initializing new c-ares channel
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [fo_context_init] (0x0400): Created new fail over context, retry timeout is 30
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [confdb_init_domain_provider_and_enum] (0x0400): No enumeration for [co.champaign.il.us]
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [confdb_init_domain_pwd_expire] (0x1000): pwd_expiration_warning is -1
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sysdb_domain_init_internal] (0x0200): DB File for co.champaign.il.us: /var/lib/sss/db/cache_co.champaign.il.us.ldb
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sysdb_domain_init_internal] (0x0200): Timestamp file for co.champaign.il.us: /var/lib/sss/db/timestamps_co.champaign.il.us.ldb
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sysdb_ldb_connect] (0x4000): No ldb module path set in env
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [ldb] (0x0400): asq: Unable to register control with rootdse!
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sysdb_ldb_connect] (0x4000): No ldb module path set in env
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sss_domain_get_state] (0x1000): Domain co.champaign.il.us is Active
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sss_names_init_from_args] (0x0100): Using re [^(((?P<domain>[^\\]+)\\(?P<name>.+))|((?P<name>.+)@(?P<domain>[^@]+))|((?P<name>[^@\\]+)))$].
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sss_fqnames_init] (0x0100): Using fq format [%1$s@%2$s].
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sbus_dbus_connect_address] (0x0400): Connected to unix:path=/var/lib/sss/pipes/private/sbus-master bus as sssd.domain_co_2echampaign_2eil_2eus
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sbus_router_add_path] (0x0400): Registering interface org.freedesktop.DBus.Introspectable on path /
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sbus_router_add_path] (0x0400): Registering interface org.freedesktop.DBus.Introspectable on path /*
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sbus_router_add_path] (0x0400): Registering interface org.freedesktop.DBus.Properties on path /
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sbus_router_add_path] (0x0400): Registering interface org.freedesktop.DBus.Properties on path /*
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sbus_watch_add] (0x2000): Created a disabled -/W watch on 15
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sbus_watch_toggle] (0x4000): Toggle to enabled R/- watch on 15
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sbus_router_listen] (0x0400): Registering signal listener org.freedesktop.DBus.NameOwnerChanged on path /org/freedesktop/DBus
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sbus_router_listen] (0x0400): Registering signal listener org.freedesktop.DBus.NameAcquired on path /org/freedesktop/DBus
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_load_configuration] (0x0100): Using [ad] provider for [id]
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_load_configuration] (0x0100): Using [ad] provider for [auth]
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_load_configuration] (0x0100): Using [simple] provider for [access]
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_load_configuration] (0x0100): Using [ad] provider for [chpass]
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_load_configuration] (0x0100): Using [ad] provider for [sudo]
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_load_configuration] (0x0100): Using [ad] provider for [autofs]
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_load_configuration] (0x0100): Using [ad] provider for [selinux]
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_load_configuration] (0x0100): Using [ad] provider for [hostid]
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_load_configuration] (0x0100): Using [ad] provider for [subdomains]
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_load_configuration] (0x0100): Using [ad] provider for [session]
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_load_configuration] (0x0100): Using [ad] provider for [resolver]
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_target_init] (0x0400): Initializing target [id] with module [ad]
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_load_module] (0x0400): About to load module [ad].
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_module_open_lib] (0x1000): Loading module [ad] with path [/usr/lib64/sssd/libsss_ad.so]
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_module_run_constructor] (0x0400): Executing module [ad] constructor.
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_domain has value co.champaign.il.us
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_enabled_domains has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_server has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_backup_server has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_hostname has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option krb5_keytab has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option krb5_realm has value CO.CHAMPAIGN.IL.US
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_enable_dns_sites is TRUE
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_access_filter has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_enable_gc is TRUE
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_gpo_access_control has value enforcing
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_gpo_implicit_deny is FALSE
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_gpo_ignore_unreadable is TRUE
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_gpo_cache_timeout has value 5
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_gpo_map_interactive has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_gpo_map_remote_interactive has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_gpo_map_network has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_gpo_map_batch has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_gpo_map_service has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_gpo_map_permit has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_gpo_map_deny has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_gpo_default_right has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_site has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option krb5_confd_path has value /var/lib/sss/pubconf/krb5.include.d
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_maximum_machine_account_password_age has value 30
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_machine_account_password_renewal_opts has value 86400:750:300
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_update_samba_machine_account_password is FALSE
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ad_use_ldaps is FALSE
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [ad_get_common_options] (0x0100): No AD server set, will use service discovery!
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [ad_get_common_options] (0x0100): The hostname [bluefin] has been expanded to FQDN [bluefin]. If sssd should really use the short hostname, please set ad_hostname explicitly.
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [ad_get_common_options] (0x0100): Setting ad_hostname to [bluefin].
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [ad_get_common_options] (0x0100): Setting domain option case_sensitive to [false]
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [krb5_service_new] (0x0100): write_kdcinfo for realm CO.CHAMPAIGN.IL.US set to false
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [fo_new_service] (0x0400): Creating new service 'AD'
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [fo_new_service] (0x0400): Creating new service 'AD_GC'
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [ad_failover_init] (0x0100): No primary servers defined, using service discovery
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [resolv_is_address] (0x4000): [_srv_] does not look like an IP address
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [fo_add_srv_server] (0x0400): Adding new SRV server to service 'AD_GC' using 'tcp'.
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [fo_add_srv_server] (0x0400): Adding new SRV server to service 'AD' using 'tcp'.
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [_ad_servers_init] (0x0100): Added service discovery for AD
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_uri has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_backup_uri has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_search_base has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_default_bind_dn has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_default_authtok_type has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_default_authtok has no binary value.
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_search_timeout has value 6
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_network_timeout has value 6
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_opt_timeout has value 8
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_tls_reqcert has value hard
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_user_search_base has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_user_search_scope has value sub
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_user_search_filter has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_user_extra_attrs has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_group_search_base has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_group_search_scope has value sub
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_group_search_filter has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_host_search_base has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_service_search_base has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_sudo_search_base has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_sudo_full_refresh_interval has value 21600
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_sudo_smart_refresh_interval has value 900
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_sudo_random_offset has value 0
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_sudo_use_host_filter is TRUE
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_sudo_hostnames has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_sudo_ip has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_sudo_include_netgroups is TRUE
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_sudo_include_regexp is FALSE
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_autofs_search_base has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_autofs_map_master_name has value auto.master
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_iphost_search_base has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_ipnetwork_search_base has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_schema has value ad
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_pwmodify_mode has value exop
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_offline_timeout has value 60
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_force_upper_case_realm is TRUE
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_enumeration_refresh_timeout has value 300
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_enumeration_refresh_offset has value 30
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_purge_cache_timeout has value 0
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_purge_cache_offset has value 0
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_tls_cacert has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_tls_cacertdir has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_tls_cert has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_tls_key has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_tls_cipher_suite has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_id_use_start_tls is FALSE
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_id_mapping is TRUE
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_sasl_mech has value GSS-SPNEGO
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_sasl_authid has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_sasl_realm has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_sasl_minssf has value -1
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_sasl_maxssf has value -1
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_krb5_keytab has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_krb5_init_creds is TRUE
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option krb5_server has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option krb5_backup_server has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option krb5_realm has value CO.CHAMPAIGN.IL.US
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option krb5_canonicalize is FALSE
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option krb5_use_kdcinfo is TRUE
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option krb5_kdcinfo_lookahead has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_pwd_policy has value none
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_referrals is FALSE
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option account_cache_expiration has value 0
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_dns_service_name has value ldap
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_krb5_ticket_lifetime has value 86400
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_access_filter has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_netgroup_search_base has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_group_nesting_level has value 2
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_deref has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_account_expire_policy has value ad
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_access_order has value filter
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_chpass_uri has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_chpass_backup_uri has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_chpass_dns_service_name has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_chpass_update_last_change is FALSE
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_enumeration_search_timeout has value 60
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_auth_disable_tls_never_use_in_production is FALSE
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_page_size has value 1000
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_deref_threshold has value 10
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_ignore_unreadable_references is FALSE
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_sasl_canonicalize is FALSE
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_connection_expire_timeout has value 900
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_connection_expire_offset has value 0
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_connection_idle_timeout has value 900
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_disable_paging is FALSE
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_idmap_range_min has value 200000
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_idmap_range_max has value 2000200000
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_idmap_range_size has value 200000
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_idmap_autorid_compat is FALSE
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_idmap_default_domain has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_idmap_default_domain_sid has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_idmap_helper_table_size has value 10
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_use_tokengroups is TRUE
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_rfc2307_fallback_to_local_users is FALSE
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_disable_range_retrieval is FALSE
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_min_id has value 0
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_max_id has value 0
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_pwdlockout_dn has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option wildcard_limit has value 1000
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_library_debug_level has value 0
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_use_ppolicy is TRUE
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_get_options] (0x0400): Option ldap_ppolicy_pwd_change_threshold has value 0
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_entry_usn has value uSNChanged
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_rootdse_last_usn has value highestCommittedUSN
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_object_class has value user
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_name has value sAMAccountName
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_pwd has value unixUserPassword
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_uid_number has value uidNumber
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_gid_number has value gidNumber
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_gecos has value gecos
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_home_directory has value unixHomeDirectory
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_shell has value loginShell
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_principal has value userPrincipalName
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_fullname has value name
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_member_of has value memberOf
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_uuid has value objectGUID
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_objectsid has value objectSID
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_primary_group has value primaryGroupID
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_modify_timestamp has value whenChanged
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_entry_usn has value uSNChanged
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_shadow_last_change has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_shadow_min has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_shadow_max has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_shadow_warning has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_shadow_inactive has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_shadow_expire has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_shadow_flag has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_krb_last_pwd_change has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_krb_password_expiration has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_pwd_attribute has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_authorized_service has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_ad_account_expires has value accountExpires
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_ad_user_account_control has value userAccountControl
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_ns_account_lock has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_authorized_host has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_authorized_rhost has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_nds_login_disabled has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_nds_login_expiration_time has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_nds_login_allowed_time_map has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_ssh_public_key has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_auth_type has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_certificate has value userCertificate;binary
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_email has value mail
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ==NO OPTION== has value sAMAccountName
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_user_passkey has value altSecurityIdentities
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_group_object_class has value group
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_group_object_class_alt has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_group_name has value sAMAccountName
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_group_pwd has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_group_gid_number has value gidNumber
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_group_member has value member
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_group_uuid has value objectGUID
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_group_objectsid has value objectSID
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_group_modify_timestamp has value whenChanged
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_group_entry_usn has value uSNChanged
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_group_type has value groupType
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_group_external_member has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_netgroup_object_class has value nisNetgroup
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_netgroup_name has value cn
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_netgroup_member has value memberNisNetgroup
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_netgroup_triple has value nisNetgroupTriple
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_netgroup_modify_timestamp has value modifyTimestamp
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_service_object_class has value ipService
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_service_name has value cn
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_service_port has value ipServicePort
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_service_proto has value ipServiceProtocol
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_service_entry_usn has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_iphost_object_class has value device
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_iphost_name has value cn
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_iphost_number has value ipHostNumber
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_iphost_entry_usn has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_ipnetwork_object_class has value ipNetwork
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_ipnetwork_name has value cn
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_ipnetwork_number has value ipNetworkNumber
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_get_map] (0x0400): Option ldap_ipnetwork_entry_usn has no value 
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [ad_set_sdap_options] (0x0100): Option krb5_realm set to CO.CHAMPAIGN.IL.US
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_set_sasl_options] (0x0100): Will look for [email protected] in default keytab
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [create_child_req_send_buffer] (0x0400): buffer size: 53
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sdap_select_principal_from_keytab_sync] (0x0020): Failed to get principal from keytab (sss_atomic_read_s() failed), see ldap_child.log (pid = 1989) for details.
********************** BACKTRACE DUMP ENDS HERE *********************************

(2025-01-07 10:31:42): [be[co.champaign.il.us]] [ad_set_sdap_options] (0x0040): Cannot set the SASL-related options
(2025-01-07 10:31:42): [be[co.champaign.il.us]] [sssm_ad_init] (0x0020): Unable to init AD id options
********************** PREVIOUS MESSAGE WAS TRIGGERED BY THE FOLLOWING BACKTRACE:
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [ad_set_sdap_options] (0x0040): Cannot set the SASL-related options
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [sssm_ad_init] (0x0020): Unable to init AD id options
********************** BACKTRACE DUMP ENDS HERE *********************************

(2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_module_run_constructor] (0x0010): Module [ad] constructor failed [5]: Input/output error
(2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_load_module] (0x0020): Unable to create DP module.
********************** PREVIOUS MESSAGE WAS TRIGGERED BY THE FOLLOWING BACKTRACE:
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_module_run_constructor] (0x0010): Module [ad] constructor failed [5]: Input/output error
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_load_module] (0x0020): Unable to create DP module.
********************** BACKTRACE DUMP ENDS HERE *********************************

(2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_target_init] (0x0010): Unable to load module ad
(2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_load_targets] (0x0020): Unable to load target [id] [80]: Accessing a corrupted shared library.
********************** PREVIOUS MESSAGE WAS TRIGGERED BY THE FOLLOWING BACKTRACE:
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_target_init] (0x0010): Unable to load module ad
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_load_targets] (0x0020): Unable to load target [id] [80]: Accessing a corrupted shared library.
********************** BACKTRACE DUMP ENDS HERE *********************************

(2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_init] (0x0020): Unable to initialize DP targets [1432158209]: Internal Error
(2025-01-07 10:31:42): [be[co.champaign.il.us]] [be_process_init] (0x0010): Unable to setup data provider [1432158209]: Internal Error
********************** PREVIOUS MESSAGE WAS TRIGGERED BY THE FOLLOWING BACKTRACE:
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_init] (0x0020): Unable to initialize DP targets [1432158209]: Internal Error
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [dp_terminate_active_requests] (0x0400): Terminating active data provider requests
   *  (2025-01-07 10:31:42): [be[co.champaign.il.us]] [be_process_init] (0x0010): Unable to setup data provider [1432158209]: Internal Error
********************** BACKTRACE DUMP ENDS HERE *********************************

(2025-01-07 10:31:42): [be[co.champaign.il.us]] [main] (0x0010): Could not initialize backend [1432158209]

P.S. My /etc/sssd/sssd.conf file in case having that helps:

[sssd]
domains = co.champaign.il.us
config_file_version = 2
services = nss, pam

[domain/co.champaign.il.us]
default_shell = /bin/bash
krb5_store_password_if_offline = True
cache_credentials = True
krb5_realm = CO.CHAMPAIGN.IL.US
realmd_tags = manages-system joined-with-adcli 
id_provider = ad
fallback_homedir = /home/%u@%d
ad_domain = co.champaign.il.us
use_fully_qualified_names = True
ldap_id_mapping = True
access_provider = simple
ad_gpo_ignore_unreadable = True
simple_allow_users = fj44404

@alexey-tikhonov
Copy link
Member

(unfortunately /var/log/sssd/ldap_child.log is empty)

what is the output of getcap /usr/libexec/sssd/*?

@ccrpc-fjunge
Copy link
Author

ccrpc-fjunge commented Jan 7, 2025
edited
Loading

The output of getcap /usr/libexec/sssd/* is

/usr/libexec/sssd/krb5_child cap_chown,cap_dac_override,cap_setgid,cap_setuid=ep
/usr/libexec/sssd/ldap_child cap_chown,cap_dac_override,cap_setgid,cap_setuid=ep
/usr/libexec/sssd/sssd_pam cap_dac_read_search=p

@ccrpc-fjunge
Copy link
Author

Trying again a few times, ldap_child.log is now populated.

The error related to Failed to get principal from keytab (sss_atomic_read_s() failed), see ldap_child.log (pid = 2002) for details. seems to be Failed to initialize credentials using keytab [MEMORY:/etc/krb5.keytab]: Preauthentication failed. Unable to create GSSAPI-encrypted LDAP connection.

(2025-01-07 15:54:53): [ldap_child[22119]] [ldap_child_get_tgt_sync] (0x0010): Failed to initialize credentials using keytab [MEMORY:/etc/krb5.keytab]: Preauthentication failed. Unable to create GSSAPI-encrypted LDAP connection.
(2025-01-07 15:54:53): [ldap_child[22119]] [handle_get_tgt] (0x0020): ldap_child_get_tgt_sync() failed.

@alexey-tikhonov
Copy link
Member

alexey-tikhonov commented Jan 8, 2025
edited
Loading

The error related to Failed to get principal from keytab (sss_atomic_read_s() failed), see ldap_child.log (pid = 2002) for details. seems to be Failed to initialize credentials using keytab [MEMORY:/etc/krb5.keytab]: Preauthentication failed. Unable to create GSSAPI-encrypted LDAP connection.

No, those are different (though most probably one is a consequence of another).

Could you please set

debug_level = 9
debug_microseconds = true

in the domain section of sssd.conf, stop sssd, clear /var/log/sssd/*, start sssd, match "Failed to get principal from keytab (sss_atomic_read_s() failed)" with corresponding part of 'ldap_child.log' using microseconds and post it?

@ccrpc-fjunge
Copy link
Author

My apologies but the ldap_child.log file has gone back to being empty.
I have attempted to recreate whatever happened yesterday that caused it to be populated but have been unable to.

❯ sudo ls -la /var/log/sssd
total 160
drwxrwx---. 1 sssd sssd     98 Jan  8 10:38 .
drwxr-xr-x. 1 root root    354 Jan  3 08:52 ..
-rw-------. 1 sssd sssd      0 Jan  8 10:38 ldap_child.log
-rw-------. 1 sssd sssd 140936 Jan  8 10:38 sssd_co.champaign.il.us.log
-rw-------. 1 sssd sssd  19086 Jan  8 10:38 sssd.log
 
~ 
❯ sudo cat /var/log/sssd/ldap_child.log
 
~ 
❯

@alexey-tikhonov
Copy link
Member

alexey-tikhonov commented Jan 8, 2025
edited
Loading

Ok, I asked this but missed to read response properly, sorry.

The output of getcap /usr/libexec/sssd/* is

/usr/libexec/sssd/krb5_child cap_chown,cap_dac_override,cap_setgid,cap_setuid=ep
/usr/libexec/sssd/ldap_child cap_chown,cap_dac_override,cap_setgid,cap_setuid=ep
/usr/libexec/sssd/sssd_pam cap_dac_read_search=p

So this ^^ is wrong.
Proper capabilities for sssd-2.10.1 are:

krb5_child cap_dac_read_search,cap_setgid,cap_setuid=p
ldap_child cap_dac_read_search=p

(see 1614c5e)

This is a bug in ostree-rs-ext -- see ostreedev/ostree-rs-ext#654
But it was fixed some time ago - ostreedev/ostree-rs-ext#679
I don't know if / when Bluefin picks up this fix.

Until then you can add 'CAP_CHOWN CAP_DAC_OVERRIDE' back to sssd.service CapabilityBoundingSet= as a work around (I guess '/usr/libexec/sssd/' is immutable on your system so you can't fix file capabilities manually).

@ccrpc-fjunge
Copy link
Author

It's working (tentatively)!

Specifically, I ran sudo systemctl edit sssd

And added

### Anything between here and the comment below will become the contents of the drop-in file

[Service]
CapabilityBoundingSet= CAP_SETGID CAP_SETUID CAP_DAC_READ_SEARCH CAP_CHOWN CAP_DAC_OVERRIDE

### Edits below this comment will be discarded

This creates the override file /etc/systemd/system/sssd.service.d/override.conf, which systemd takes into account when starting the service.

So in short, the steps to get AD Domain logins working on bluefin-dx using version 2.10.1 of sssd:

1. sudo chmod g+x -R /etc/sssd
2. sudo systemctl edit sssd
- Adding:

[Service]
CapabilityBoundingSet= CAP_SETGID CAP_SETUID CAP_DAC_READ_SEARCH CAP_CHOWN CAP_DAC_OVERRIDE

The sudo chmod g+x step will be unnecessary once a release which includes patch #7783 is pushed and accepted.

For the getcap /usr/libexec/sssd/* mismatch I will go communicate with the bluefin developers to see what the story is there / if there is a reason ostreedev/ostree-rs-ext#679 has not been picked up yet.

I need to test this on my coworker's laptop to see if it fixes the issue there as well.

@alexey-tikhonov
Copy link
Member

So in short, the steps to get AD Domain logins working on bluefin-dx using version 2.10.1 of sssd:

It is not "AD domain" specific.

  1. sudo chmod g+x -R /etc/sssd

You only need 'x' flag on folders, not on config files itself.
Something like /bin/find /etc/sssd -type d -exec /bin/chmod ...

@ccrpc-fjunge
Copy link
Author

ccrpc-fjunge commented Jan 8, 2025
edited
Loading

It is not "AD domain" specific.

Good catch!

You only need 'x' flag on folders, not on config files itself.
Something like /bin/find /etc/sssd -type d -exec /bin/chmod ...

This is good to know, the command I have passed on was sudo /bin/find /etc/sssd -type d -exec /bin/chmod g+x {} \;

As to

This is a bug in ostree-rs-ext -- see ostreedev/ostree-rs-ext#654
But it was fixed some time ago - ostreedev/ostree-rs-ext#679
I don't know if / when Bluefin picks up this fix.

That seems to be incorporated into bootc here: containers/bootc#920
Which is mentioned in ostree here: ostreedev/ostree#3343
Which is fixed by ostreedev/ostree#3346
Which is part of the https://github.com/ostreedev/ostree/releases/tag/v2024.10 release.

So when fedora / bluefin pulls in the following package: https://bodhi.fedoraproject.org/updates/FEDORA-2024-e7abdb1f24

The sudo systemctl edit sssd override should no longer be necessary (and is something one will probably want to remove).

Thank you for all of your help on this!

@ccrpc-fjunge
Copy link
Author

Would you happen to know when patch #7783 will be sent out to the rest of Fedora and be in a bodhi.fedoraproject.org/updates/ package?

@alexey-tikhonov
Copy link
Member

alexey-tikhonov commented Jan 9, 2025
edited
Loading

Thank you for all of your help on this!

Thank you for the great write up.

Just a small note about:

The permissions for the directory were not updated for 2.10.1

-- this specific issue is with rpm-ostree based systems. More traditional package based system had this covered properly in a spec-file. But this is a known "trap" that rpm-ostree can't propagate /etc and /var updates of underlying packages. And this is the main reason of all those (really undesirable) gimmicks with chmod/chown in sssd.service...
Sorry for this poor experience. It's not that we do not test our updates at all, but there is some acknowledged lack of rpm-ostree based systems testing.

Would you happen to know when patch #7783 will be sent out to the rest of Fedora and be in a bodhi.fedoraproject.org/updates/ package?

I hope no later than by the end of the month, maybe earlier. But not hard promises.

@ccrpc-fjunge
Copy link
Author

The credit for that great write up goes to my coworker, he has been working on the communicating-with-bluefin side of this and attempting to get things working alongside me. His help has been instrumental.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@alexey-tikhonov alexey-tikhonov

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@alexey-tikhonov @ccrpc-fjunge