
sssd + AD does not work

 



Hi everyone,

I have sssd + AD; the OS is CentOS.

The machine is in the domain via a keytab, but I can't get authentication through sssd configured.

rpm -qa |grep sssd
sssd-tools-1.9.2-129.el6_5.4.x86_64
sssd-1.9.2-129.el6_5.4.x86_64
sssd-client-1.9.2-129.el6_5.4.x86_64

cat /etc/sssd/sssd.conf
[sssd]
config_file_version=2
services=nss, pam
domains=BANANA.COM

[domain/BANANA.COM]
debug_level = 10
id_provider=ad
access_provider=ad
dyndns_update=false
enumerate=true
#ldap_id_mapping=true
#krb5_realm=BANANA.COM
krb5_keytab=/etc/krb5.keytab
krb5_canonicalize = False
ad_hostname = comp1.banana.com

#ldap_schema = ad
access_provider = simple

Log output:

(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sbus_dispatch] (0x4000): dbus conn: 2594380
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sbus_dispatch] (0x4000): Dispatching.
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sbus_message_handler] (0x4000): Received SBUS method [getDomains]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [be_get_subdomains] (0x2000): Undefined backend target.
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sbus_dispatch] (0x4000): dbus conn: 2594380
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sbus_dispatch] (0x4000): Dispatching.
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sbus_message_handler] (0x4000): Received SBUS method [getAccountInfo]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [be_get_account_info] (0x0100): Got request for [4097][1][name=uu]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [be_get_account_info] (0x0100): Request processed. Returned 1,11,Fast reply - offline
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_id_op_connect_step] (0x4000): beginning to connect
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [fo_resolve_service_send] (0x0100): Trying to resolve service 'AD'
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [get_server_status] (0x1000): Status of server 'win-tcba4j6tnvm.banana.com' is 'name resolved'
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [get_port_status] (0x1000): Port status of port 389 for server 'win-tcba4j6tnvm.banana.com' is 'not working'
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [get_port_status] (0x0100): Reseting the status of port 389 for server 'win-tcba4j6tnvm.banana.com'
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [fo_resolve_service_activate_timeout] (0x2000): Resolve timeout set to 6 seconds
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [resolve_srv_send] (0x0200): The status of SRV lookup is resolved
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [get_server_status] (0x1000): Status of server 'win-tcba4j6tnvm.banana.com' is 'name resolved'
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [be_resolve_server_process] (0x1000): Saving the first resolved server
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [be_resolve_server_process] (0x0200): Found address for server win-tcba4j6tnvm.banana.com: [10.229.78.140] TTL 7200
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [ad_resolve_callback] (0x0100): Constructed uri 'ldap://win-tcba4j6tnvm.banana.com'
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sss_ldap_init_send] (0x4000): Using file descriptor [21] for LDAP connection.
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sss_ldap_init_send] (0x0400): Setting 6 seconds timeout for connecting
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_ldap_connect_callback_add] (0x1000): New LDAP connection to [ldap://win-tcba4j6tnvm.banana.com:389/??base] with fd [21].
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_get_rootdse_send] (0x4000): Getting rootdse
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(objectclass=*)][].
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [*]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [altServer]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [namingContexts]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [supportedControl]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [supportedExtension]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [supportedFeatures]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [supportedLDAPVersion]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [supportedSASLMechanisms]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [domainControllerFunctionality]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [defaultNamingContext]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [lastUSN]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [highestCommittedUSN]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_get_generic_ext_step] (0x2000): ldap_search_ext called, msgid = 1
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_process_result] (0x2000): Trace: sh[0x25a5880], connected[1], ops[0x25a44a0], ldap[0x2597860]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_process_message] (0x4000): Message type: [LDAP_RES_SEARCH_ENTRY]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_parse_entry] (0x4000): OriginalDN: [].
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_parse_range] (0x2000): No sub-attributes for [currentTime]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_parse_range] (0x2000): No sub-attributes for [subschemaSubentry]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_parse_range] (0x2000): No sub-attributes for [dsServiceName]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_parse_range] (0x2000): No sub-attributes for [namingContexts]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_parse_range] (0x2000): No sub-attributes for [defaultNamingContext]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_parse_range] (0x2000): No sub-attributes for [schemaNamingContext]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_parse_range] (0x2000): No sub-attributes for [configurationNamingContext]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_parse_range] (0x2000): No sub-attributes for [rootDomainNamingContext]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_parse_range] (0x2000): No sub-attributes for [supportedControl]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_parse_range] (0x2000): No sub-attributes for [supportedLDAPVersion]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_parse_range] (0x2000): No sub-attributes for [supportedLDAPPolicies]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_parse_range] (0x2000): No sub-attributes for [highestCommittedUSN]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_parse_range] (0x2000): No sub-attributes for [supportedSASLMechanisms]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_parse_range] (0x2000): No sub-attributes for [dnsHostName]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_parse_range] (0x2000): No sub-attributes for [ldapServiceName]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_parse_range] (0x2000): No sub-attributes for [serverName]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_parse_range] (0x2000): No sub-attributes for [supportedCapabilities]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_parse_range] (0x2000): No sub-attributes for [isSynchronized]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_parse_range] (0x2000): No sub-attributes for [isGlobalCatalogReady]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_parse_range] (0x2000): No sub-attributes for [supportedExtension]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_parse_range] (0x2000): No sub-attributes for [domainFunctionality]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_parse_range] (0x2000): No sub-attributes for [forestFunctionality]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_parse_range] (0x2000): No sub-attributes for [domainControllerFunctionality]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_process_result] (0x2000): Trace: sh[0x25a5880], connected[1], ops[0x25a44a0], ldap[0x2597860]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_process_message] (0x4000): Message type: [LDAP_RES_SEARCH_RESULT]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_get_generic_ext_done] (0x0400): Search result: Success(0), no errmsg set
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_get_rootdse_done] (0x2000): Got rootdse
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_get_rootdse_done] (0x2000): Skipping auto-detection of match rule
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_get_server_opts_from_rootdse] (0x4000): USN value: 16416 (int: 16416)
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_get_server_opts_from_rootdse] (0x0100): Setting AD compatibility level to [4]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_kinit_send] (0x0400): Attempting kinit (/etc/krb5.keytab, host/comp1.banana.com, BANANA.COM, 86400)
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_kinit_next_kdc] (0x1000): Resolving next KDC for service AD
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [fo_resolve_service_send] (0x0100): Trying to resolve service 'AD'
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [get_server_status] (0x1000): Status of server 'win-tcba4j6tnvm.banana.com' is 'name resolved'
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [fo_resolve_service_activate_timeout] (0x2000): Resolve timeout set to 6 seconds
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [resolve_srv_send] (0x0200): The status of SRV lookup is resolved
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [get_server_status] (0x1000): Status of server 'win-tcba4j6tnvm.banana.com' is 'name resolved'
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [be_resolve_server_process] (0x1000): Saving the first resolved server
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [be_resolve_server_process] (0x0200): Found address for server win-tcba4j6tnvm.banana.com: [10.229.78.140] TTL 7200
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_kinit_kdc_resolved] (0x1000): KDC resolved, attempting to get TGT...
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [create_tgt_req_send_buffer] (0x1000): buffer size: 63
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [child_handler_setup] (0x2000): Setting up signal handler up for pid [1386]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [child_handler_setup] (0x2000): Signal handler set up for pid [1386]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [set_tgt_child_timeout] (0x0400): Setting 6 seconds timeout for tgt child
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_process_result] (0x2000): Trace: sh[0x25a5880], connected[1], ops[(nil)], ldap[0x2597860]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_process_result] (0x2000): Trace: ldap_result found nothing!
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [write_pipe_handler] (0x0400): All data has been sent!

==> /var/log/sssd/ldap_child.log <==
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [main] (0x0400): ldap_child started.
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [main] (0x2000): context initialized
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [unpack_buffer] (0x1000): total buffer size: 63
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [unpack_buffer] (0x1000): realm_str size: 10
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [unpack_buffer] (0x1000): got realm_str: BANANA.COM
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [unpack_buffer] (0x1000): princ_str size: 21
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [unpack_buffer] (0x1000): got princ_str: host/comp1.banana.com
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [unpack_buffer] (0x1000): keytab_name size: 16
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [unpack_buffer] (0x1000): got keytab_name: /etc/krb5.keytab
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [unpack_buffer] (0x1000): lifetime: 86400
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [main] (0x2000): getting TGT sync
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [ldap_child_get_tgt_sync] (0x2000): Kerberos context initialized
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [ldap_child_get_tgt_sync] (0x2000): got realm_name: [BANANA.COM]
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [ldap_child_get_tgt_sync] (0x0100): Principal name is: [host/comp1.banana.com@BANANA.COM]
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [ldap_child_get_tgt_sync] (0x0100): Using keytab [/etc/krb5.keytab]
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [ldap_child_get_tgt_sync] (0x2000): keytab ccname: [FILE:/var/lib/sss/db/ccache_BANANA.COM]
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [sss_child_krb5_trace_cb] (0x4000): [1386] 1397634371.584607: Getting initial credentials for host/comp1.banana.com@BANANA.COM

(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [sss_child_krb5_trace_cb] (0x4000): [1386] 1397634371.584752: Looked up etypes in keytab: des-cbc-crc, des, des-cbc-crc, rc4-hmac, aes256-cts, aes128-cts

(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [sss_child_krb5_trace_cb] (0x4000): [1386] 1397634371.584812: Sending request (209 bytes) to BANANA.COM

(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [sss_child_krb5_trace_cb] (0x4000): [1386] 1397634371.585032: Sending initial UDP request to dgram 10.229.78.140:88

(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [sss_child_krb5_trace_cb] (0x4000): [1386] 1397634371.586755: Received answer from dgram 10.229.78.140:88

(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [sss_child_krb5_trace_cb] (0x4000): [1386] 1397634371.586920: Response was from master KDC

(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [sss_child_krb5_trace_cb] (0x4000): [1386] 1397634371.586976: Received error from KDC: -1765328359/Additional pre-authentication required

(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [sss_child_krb5_trace_cb] (0x4000): [1386] 1397634371.587044: Processing preauth types: 16, 15, 19, 2

(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [sss_child_krb5_trace_cb] (0x4000): [1386] 1397634371.587083: Selected etype info: etype rc4-hmac, salt "(null)", params ""

(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [sss_child_krb5_trace_cb] (0x4000): [1386] 1397634371.587156: Retrieving host/comp1.banana.com@BANANA.COM from FILE:/etc/krb5.keytab (vno 0, enctype rc4-hmac) with result: 0/Success

(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [sss_child_krb5_trace_cb] (0x4000): [1386] 1397634371.587215: AS key obtained for encrypted timestamp: rc4-hmac/A0CB

(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [sss_child_krb5_trace_cb] (0x4000): [1386] 1397634371.587298: Encrypted timestamp (for 1397634371.587245): plain 301AA011180F32303134303431363037343631315AA105020308F5ED, encrypted BC2AC55D1D43B6FC2736D5B8D71C3B88CB440F0BC5D20CA1046766499EB08DCACAEC50FCE01A5DF4CC6141D185A5171B2CBC1B0A

(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [sss_child_krb5_trace_cb] (0x4000): [1386] 1397634371.587340: Preauth module encrypted_timestamp (2) (flags=1) returned: 0/Success

(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [sss_child_krb5_trace_cb] (0x4000): [1386] 1397634371.587369: Produced preauth for next request: 2

(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [sss_child_krb5_trace_cb] (0x4000): [1386] 1397634371.587408: Sending request (285 bytes) to BANANA.COM (master)

(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [sss_child_krb5_trace_cb] (0x4000): [1386] 1397634371.587483: Sending initial UDP request to dgram 10.229.78.140:88

(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [sss_child_krb5_trace_cb] (0x4000): [1386] 1397634371.588351: Received answer from dgram 10.229.78.140:88

(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [sss_child_krb5_trace_cb] (0x4000): [1386] 1397634371.588454: Salt derived from principal: BANANA.COMhostcomp1.banana.com

(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [sss_child_krb5_trace_cb] (0x4000): [1386] 1397634371.588515: AS key determined by preauth: rc4-hmac/A0CB

(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [sss_child_krb5_trace_cb] (0x4000): [1386] 1397634371.588575: Decrypted AS reply; session key is: rc4-hmac/E3B7

(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [sss_child_krb5_trace_cb] (0x4000): [1386] 1397634371.588605: FAST negotiation: unavailable

(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [ldap_child_get_tgt_sync] (0x2000): credentials initialized
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [sss_child_krb5_trace_cb] (0x4000): [1386] 1397634371.588706: Initializing FILE:/var/lib/sss/db/ccache_BANANA.COM with default princ host/comp1.banana.com@BANANA.COM

(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [sss_child_krb5_trace_cb] (0x4000): [1386] 1397634371.588917: Removing host/comp1.banana.com@BANANA.COM -> krbtgt/BANANA.COM@BANANA.COM from FILE:/var/lib/sss/db/ccache_BANANA.COM

(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [sss_child_krb5_trace_cb] (0x4000): [1386] 1397634371.588954: Storing host/comp1.banana.com@BANANA.COM -> krbtgt/BANANA.COM@BANANA.COM in FILE:/var/lib/sss/db/ccache_BANANA.COM

(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [ldap_child_get_tgt_sync] (0x2000): credentials stored
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [ldap_child_get_tgt_sync] (0x2000): Got KDC time offset
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [prepare_response] (0x0400): Building response for result [0]
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [pack_buffer] (0x2000): response size: 58
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [pack_buffer] (0x1000): result [0] krberr [0] msgsize [38] msg [FILE:/var/lib/sss/db/ccache_BANANA.COM]
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [main] (0x0400): ldap_child completed successfully

==> /var/log/sssd/sssd_BANANA.COM.log <==
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [read_pipe_handler] (0x0400): EOF received, client finished
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_get_tgt_recv] (0x0400): Child responded: 0 [FILE:/var/lib/sss/db/ccache_BANANA.COM], expired on [1397670371]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_cli_auth_step] (0x0100): expire timeout is 900
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_cli_auth_step] (0x1000): the connection will expire at 1397635271
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sasl_bind_send] (0x0100): Executing sasl bind mech: gssapi, user: host/comp1.banana.com
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sasl_bind_send] (0x0020): ldap_sasl_bind failed (-2)[Local error]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sasl_bind_send] (0x0080): Extended failure message: [SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure.  Minor code may provide more information (Server not found in Kerberos database)]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [child_sig_handler] (0x1000): Waiting for child [1386].
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [child_sig_handler] (0x0100): child [1386] finished successfully.
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sss_child_handler] (0x2000): waitpid failed [10]: No child processes
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [fo_set_port_status] (0x0100): Marking port 389 of server 'win-tcba4j6tnvm.banana.com' as 'not working'
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_handle_release] (0x2000): Trace: sh[0x25a5880], connected[1], ops[(nil)], ldap[0x2597860], destructor_lock[0], release_memory[0]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [remove_connection_callback] (0x4000): Successfully removed connection callback.
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_id_op_connect_done] (0x4000): attempting failover retry on op #1
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_id_op_connect_step] (0x4000): beginning to connect
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [fo_resolve_service_send] (0x0100): Trying to resolve service 'AD'
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [get_server_status] (0x1000): Status of server 'win-tcba4j6tnvm.banana.com' is 'name resolved'
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [get_port_status] (0x1000): Port status of port 389 for server 'win-tcba4j6tnvm.banana.com' is 'not working'
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [fo_resolve_service_send] (0x0020): No available servers for service 'AD'
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_id_release_conn_data] (0x4000): releasing unused connection
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [be_resolve_server_done] (0x1000): Server resolution failed: 5
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_id_op_connect_done] (0x0020): Failed to connect, going offline (5 [Input/output error])
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [be_mark_offline] (0x2000): Going offline!
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [be_run_offline_cb] (0x0080): Going offline. Running callbacks.
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_id_op_connect_done] (0x4000): notify offline to op #1
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_id_release_conn_data] (0x4000): releasing unused connection
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [remove_krb5_info_files] (0x0200): Could not remove [/var/lib/sss/pubconf/kpasswdinfo.BANANA.COM], [2][No such file or directory]

How do I get around this error?

(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sasl_bind_send] (0x0020): ldap_sasl_bind failed (-2)[Local error]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sasl_bind_send] (0x0080): Extended failure message: [SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure.  Minor code may provide more information (Server not found in Kerberos database)]
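
An added triage script, not part of the original post: it reads sssd debug lines in the format quoted above, keeps only the failure-level entries out of the `debug_level = 10` noise, and reports at which step the connection to AD broke. The log excerpt is copied from the post; the function names and the derived `ldap/<host>@<realm>` service principal are assumptions of this example.

```python
import re

# Excerpt of the log lines quoted in the post, embedded so the script runs offline.
SAMPLE_LOG = """\
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [ad_resolve_callback] (0x0100): Constructed uri 'ldap://win-tcba4j6tnvm.banana.com'
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_kinit_send] (0x0400): Attempting kinit (/etc/krb5.keytab, host/comp1.banana.com, BANANA.COM, 86400)
(Wed Apr 16 11:46:11 2014) [[sssd[ldap_child[1386]]]] [main] (0x0400): ldap_child completed successfully
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sasl_bind_send] (0x0100): Executing sasl bind mech: gssapi, user: host/comp1.banana.com
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sasl_bind_send] (0x0020): ldap_sasl_bind failed (-2)[Local error]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sasl_bind_send] (0x0080): Extended failure message: [SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure.  Minor code may provide more information (Server not found in Kerberos database)]
(Wed Apr 16 11:46:11 2014) [sssd[be[BANANA.COM]]] [sdap_id_op_connect_done] (0x0020): Failed to connect, going offline (5 [Input/output error])
"""

LINE_RE = re.compile(
    r"^\((?P<ts>[^)]*)\) (?P<comp>\[\S+\]) \[(?P<func>\w+)\] "
    r"\((?P<level>0x[0-9a-fA-F]{4})\): (?P<msg>.*)$"
)
# sssd debug levels are a bitmask: 0x0010-0x0080 are the failure classes
# (fatal, critical, serious, minor); higher bits are settings and trace output.
FAILURE_MAX = 0x0080


def parse(text):
    """Yield (level, function, message) for every well-formed sssd debug line."""
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            yield int(m["level"], 16), m["func"], m["msg"]


def triage(text):
    """Follow the connection sequence and report the step at which it breaks."""
    r = {"ldap_host": None, "client_princ": None, "realm": None,
         "tgt_ok": False, "bind_failed": False, "minor": None,
         "service_princ": None, "failures": []}
    for level, func, msg in parse(text):
        if level <= FAILURE_MAX:
            r["failures"].append((func, msg))
        if m := re.search(r"Constructed uri 'ldaps?://([^':/]+)", msg):
            r["ldap_host"] = m[1]
        elif m := re.match(r"Attempting kinit \(([^,]+), ([^,]+), ([^,]+), \d+\)", msg):
            r["client_princ"], r["realm"] = m[2], m[3]
        elif "ldap_child completed successfully" in msg:
            r["tgt_ok"] = True
        elif "ldap_sasl_bind failed" in msg:
            r["bind_failed"] = True
        elif m := re.search(r"Minor code may provide more information \((.*)\)\]", msg):
            r["minor"] = m[1]
    # Assumption: a GSSAPI bind to LDAP requests a ticket for the "ldap"
    # service on the server name the client ends up with after name resolution.
    if r["ldap_host"] and r["realm"]:
        r["service_princ"] = f"ldap/{r['ldap_host']}@{r['realm']}"
    if r["bind_failed"] and r["tgt_ok"]:
        r["stage"] = "gssapi-bind"   # keytab and TGT request succeeded
    elif r["bind_failed"]:
        r["stage"] = "bind-without-tgt"
    else:
        r["stage"] = "no-bind-failure-seen"
    return r


if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    for key in ("stage", "client_princ", "service_princ", "minor"):
        print(f"{key}: {result[key]}")
    for func, msg in result["failures"]:
        print(f"  [{func}] {msg}")
```

For the excerpt above the stage is `gssapi-bind`: the keytab produced a TGT for `host/comp1.banana.com`, and the KDC error belongs to the service name requested for the LDAP server, not to the client's own principal.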
