id: No such user. SSSD based authentication over LDAP

sprilutsky
Posts: 1
Joined: 2015/08/26 18:51:00

Post by sprilutsky » 2015/08/26 19:03:27

SSSD-based authentication over Oracle LDAP server.

# ldapsearch -x -v "uid=spriluwd" - works
# id spriluwd
id: spriluwd: No such user

########################
# cat /etc/pam_ldap.conf
uri ldap://plap-w2odse0104.wag2lab.local:1389
base dc=wag2lab,dc=local
scope sub
binddn uid=SysAdminService,ou=Service Accounts,dc=wag2lab,dc=local
bindpw <password>
nss_map_attribute uniqueMember uniqueMember
ldap_version 3
pam_password md5
pam_filter objectClass=posixAccount
nss_base_passwd dc=wag2lab,dc=local
nss_base_shadow dc=wag2lab,dc=local
nss_base_group ou=groups,dc=wag2lab,dc=local
pam_groupdn cn=sysadmin,ou=Groups, dc=wag2lab,dc=local
bind_policy soft
pam_lookup_policy yes
nss_initgroups_ignoreusers root,ldap
nss_schema rfc2307bis
nss_map_objectclass posixGroup posixGroup
nss_map_objectclass posixAccount inetorgperson
pam_member_attribute uniqueMember
ssl no
tls_cacertdir /etc/openldap/cacerts

###########################################
snippet from /etc/nsswitch.conf:
passwd: files sss
shadow: files sss
group: files sss


#############################################
# cat /etc/sssd/sssd.conf
[sssd]
config_file_version = 2
services = nss, pam
domains = default

[nss]
filter_users = root,ldap,named,avahi,haldaemon,dbus,radiusd,news,nscd

[pam]

[domain/default]
auth_provider = ldap
id_provider = ldap
ldap_schema = rfc2307
ldap_search_base = dc=wag2lab,dc=local
ldap_group_member = uniquemember
ldap_tls_reqcert = never
ldap_id_use_start_tls = False
chpass_provider = ldap
ldap_uri = ldap://plap-w2odse0104.wag2lab.local:1389/
ldap_tls_cacertdir = /etc/openldap/cacerts
entry_cache_timeout = 600
ldap_network_timeout = 3
#ldap_access_filter = (&(object)(object))
ldap_default_bind_dn = uid=SysAdminService,ou=Service Accounts,dc=wag2lab,dc=local
ldap_default_authtok_type = password
ldap_default_authtok = <password>
cache_credentials = True
enumerate=true
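
An added example, not part of the original post and not SSSD's own code: a small Python check that lists where the nss_ldap-style mappings in the posted /etc/pam_ldap.conf differ from the posted `[domain/default]` section, and reports that section's transport settings. The function names are hypothetical, the embedded files are constructed excerpts of the posted ones, and the values used when an option is absent (`ldap_schema` rfc2307, `ldap_user_object_class` posixAccount, `ldap_id_use_start_tls` false) are assumed SSSD defaults.

```python
import configparser

# Constructed excerpts of the two files posted above.
LEGACY = """\
nss_schema rfc2307bis
nss_map_objectclass posixGroup posixGroup
nss_map_objectclass posixAccount inetorgperson
"""
SSSD = """\
[domain/default]
ldap_schema = rfc2307
ldap_uri = ldap://plap-w2odse0104.wag2lab.local:1389/
ldap_id_use_start_tls = False
ldap_tls_reqcert = never
"""

def parse_legacy(text):
    """Return (schema, {standard class: mapped class}) from nss_ldap-style lines."""
    schema, classes = None, {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 2 and parts[0] == "nss_schema":
            schema = parts[1]
        elif len(parts) == 3 and parts[0] == "nss_map_objectclass":
            classes[parts[1]] = parts[2]
    return schema, classes

def audit(legacy_text, sssd_text, domain="domain/default"):
    """List mapping differences and transport settings for one SSSD domain."""
    schema, classes = parse_legacy(legacy_text)
    cp = configparser.ConfigParser(interpolation=None)
    cp.read_string(sssd_text)
    dom = cp[domain]
    findings = []
    # Assumed defaults when the option is absent: rfc2307 / posixAccount.
    sssd_schema = dom.get("ldap_schema", "rfc2307")
    user_class = dom.get("ldap_user_object_class", "posixAccount")
    if schema and schema.lower() != sssd_schema.lower():
        findings.append(f"schema: legacy={schema} sssd={sssd_schema}")
    mapped = classes.get("posixAccount")
    if mapped and mapped.lower() != user_class.lower():
        findings.append(f"user objectClass: legacy={mapped} sssd={user_class}")
    # Transport: plain ldap:// with StartTLS off, and certificate checking relaxed.
    start_tls = dom.getboolean("ldap_id_use_start_tls", fallback=False)
    if dom.get("ldap_uri", "").startswith("ldap://") and not start_tls:
        findings.append("transport: ldap:// without StartTLS")
    if dom.get("ldap_tls_reqcert", "").lower() in ("never", "allow"):
        findings.append("tls: server certificate is not verified")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(LEGACY, SSSD)))
```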

aks
Posts: 3073
Joined: 2014/09/20 11:22:14

Re: id: No such user. SSSD based authentication over LDAP

Post by aks » 2015/08/27 04:29:54

Aren't you supposed to use getent passwd <user>?
