[Freeipa-users] RHEL 6.3 identity manual - IPA

[Rob Crittenden]

Fred van Zwieten wrote:
> Hi,
>
> ipa-client-install should take care of setting up sudo on the client to
> use IPA, afaik.
>

Not yet, https://fedorahosted.org/freeipa/ticket/3358

> Essential line in nsswitch.conf:
> sudoers:    files ldap
>
> Please read here
> <https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Enterprise_Linux/6-Beta/html-single/Identity_Management_Guide/index.html#sudo>

Note that the configuration file name is wrong for RHEL 6. You need to 
use /etc/sudo-ldap.conf.

rob

>
> As for the second question. dc=example,dc=com is, well, an example.
> example.com <http://example.com> is used throughout the documentation
> for documentation purposes where a domain name is needed. Please replace
> is with you're domain, e.g. dc=yourcompanyname,dc=com
>
> Met vriendelijke groeten,
> *
> Fred*
>
>
> On Mon, Feb 4, 2013 at 7:29 AM, Rajnesh Kumar Siwal
> <rajnesh.siwal at gmail.com <mailto:rajnesh.siwal at gmail.com>> wrote:
>
>     I am planning to use the sudo feature on IPA 2.2. By default the IPA
>     client that I configured does not seems to use fetch the sudo user
>     details.
>
>     It looks that we need to modify nsswitch.conf and ldap.conf to
>     support it.
>
>     Can sssd take care of fetching the sudo user details ?
>
>     Secondly, I am not able to find the password for
>     uid=sudo,cn=sysaccounts,cn=etc,dc=example,dc=com . How do I find it ?
>     Will it be safe to change password of this sudo user or it may impact
>     the IPA Server ?
>
>     Please suggest.
>
>
>     --
>     Regards,
>     Rajnesh Kumar Siwal
>
>     _______________________________________________
>     Freeipa-users mailing list
>     Freeipa-users at redhat.com <mailto:Freeipa-users at redhat.com>
>     https://www.redhat.com/mailman/listinfo/freeipa-users
>
>
>
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users
>