[Freeipa-users] Sudo works for full access, but not on a per command or host level.
Jakub Hrozek
jhrozek at redhat.com
Tue Oct 16 17:05:19 UTC 2012
On Tue, Oct 16, 2012 at 12:09:50PM -0400, Dmitri Pal wrote:
> > sudo: ldap sudoHost 'dbduwdu062.dbr.roche.com' ... not
> >
>
> So this is the name the sudo client tries to match and it does not seem
> to find any hosts.
> Now we need to look at the ou=SUDOers,dc=dbr,dc=roche,dc=com with
> ldapsearch and see the SUDO rules that are exposed by the server and
> match them visually to the current host.
>
Can you also check if the host name on the broken host is set correctly
and resolves fine?
More information about the Freeipa-users
mailing list