[Freeipa-users] users AD can not sudo in centos 6.5
Lukas Slebodnik
lslebodn at redhat.com
Tue Aug 26 12:43:54 UTC 2014
On (26/08/14 16:50), alireza baghery wrote:
>sorry for delay
>file sssd.conf:
>==============
>
>domain/example.com]
>debug_level = 6
>cache_credentials = True
>krb5_store_password_if_offline = True
>ipa_domain = l.example.com
>id_provider = ipa
>auth_provider = ipa
>access_provider = ipa
>ipa_hostname = client1.l.example.com
>chpass_provider = ipa
>ipa_server = ipaserver.l.example.com
>ldap_tls_cacert = /etc/ipa/ca.crt
>
>[sssd]
>config_file_version = 2
>services = nss, pam,ssh,sudo
>
You wrote that AD user cannot use sudo. The problem is that even ipa users
cannot use sudo with this configuration.
SSSD on CentoOS 6.5 does not have sudo_provider = ipa and thus configuration is
little bit complicated. The configuration is described in manual page sssd-sudo
man sssd-sudo
-> CONFIGURING SUDO TO COOPERATE WITH SSSD
-> CONFIGURING SSSD TO FETCH SUDO RULES
LS
More information about the Freeipa-users
mailing list