[Freeipa-users] Configure IPA 3.1.5 client for sudo?
Dean Hunter
deanhunter at comcast.net
Tue Jun 25 13:56:55 UTC 2013
Yay, It works! Once I thumb finger the configuration files correctly.
May I request that y'all start alphabetizing entries where sequence is
not important so that it is easier for humans to find a single entry:
[dean at desktop ~]$ sudo cat /etc/sssd/sssd.conf
[sudo] password for dean:
[sssd]
config_file_version = 2
domains = hunter.org
services = autofs, nss, pam, ssh, sudo
[domain/hunter.org]
access_provider = ipa
auth_provider = ipa
autofs_provider = ipa
cache_credentials = True
chpass_provider = ipa
id_provider = ipa
ipa_automount_location = VM
ipa_domain = hunter.org
ipa_dyndns_update = True
ipa_hostname = desktop.hunter.org
ipa_server = _srv_, ipa.hunter.org
krb5_store_password_if_offline = True
ldap_tls_cacert = /etc/ipa/ca.crt
# For the SUDO integration
krb5_server = ipa.hunter.org
ldap_sasl_authid = host/desktop.hunter.org
ldap_sasl_mech = GSSAPI
ldap_sasl_realm = HUNTER.ORG
ldap_sudo_search_base = ou=sudoers,dc=hunter,dc=org
ldap_uri = ldap://ipa.hunter.org
sudo_provider = ldap
[autofs]
[nss]
[pac]
[pam]
[ssh]
[sudo]
[dean at desktop ~]$
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20130625/96167426/attachment.htm>
More information about the Freeipa-users
mailing list