Error during 'LDAP Group Look Up'


I’ve configured ManageIQ to authenticate using SAML2, with an external provider (Okta). I’m able to authenticate and log in as expected, but when it comes to adding a group based on an AD group, it fails during the lookup:

Error during ‘LDAP Group Look Up’: Launch helper exited with unknown return code 1; caused by 3 sender=org.freedesktop.DBus -> dest=:1.19 serial=15 reply_serial=28 path=; interface=; member= error_name=org.freedesktop.DBus.Error.Spawn.ChildExited

The group exists in AD and the user is a member of that group.

Running version: fine-4.20171116060428_f6f8a30

Any ideas?

Try to pull the user attributes manually to see if you are getting the same error.

dbus-send --print-reply --system --dest=org.freedesktop.sssd.infopipe /org/freedesktop/sssd/infopipe org.freedesktop.sssd.infopipe.GetUserAttr string:user@domain array:string:mail,givenname,sn,displayname,fullname

Hi saali2016,

Thanks for the reply.

I received a timeout error:

Error org.freedesktop.DBus.Error.TimedOut: Activation of org.freedesktop.sssd.infopipe timed out

I’ve run the command you gave, replacing user@domain.

Can you share your sssd.conf?

Aha. I don’t have one, it seems to be missing.

I’ll start with creating one and giving it another try.