Does anyone out there in OpenLDAP land have experience working with OpenLDAP and SELinux?

Running OpenLDAP 2.4.43 on a CentOS 7 VM.

SELinux is squashing client authentication connectivity: with SELinux in enforcing mode, a user fails login (No Such User), and there is nothing at all in the LDAP logs; the only error is in the system auth.log. It acts as if the system authentication process does not pass off to LDAP when the user is not found locally; with SELinux in permissive mode, the user authenticates with the LDAP server with no problems.

If there is anyone who has been down this road, it would be very much appreciated.

Sincerely,

John D. Borresen (Dave)
Linux/Unix Systems Administrator
MIT Lincoln Laboratory
Email: john.borresen@ll.mit.edu