[Freeipa-users] ldapsearch queries for audit
Herb Burnswell
herbert.burnswell at gmail.com
Wed Dec 17 18:05:49 UTC 2014
Dimitry,
Thank you for your response. I don't necessarily need to do everything in
a single query. I'm just interested in understanding how to output the
information I need and I can adjust the queries accordingly. I.E. where is
the information saved: cn=sudoers, where sudo info is saved, etc.
For example; Does anyone know how I can do an ldapsearch to output all the
sudo rules in the format we would see in /etc/sudoers file? I have to
imagine that the rules are just saved in the database to allow for sudo on
the local systems to read.
Thanks,
Herb
On Tue, Dec 16, 2014 at 11:31 AM, Herb Burnswell <
herbert.burnswell at gmail.com> wrote:
>
> All,
>
> We are running the following versions on RHEL 6.6:
>
> ipa-server.x86_64 3.0.0-42.el6
> 389-ds.noarch 1.2.2-1.el6
>
> I'm not very experienced with the ldapsearch and would greatly appreciate
> some guidance. I'd like to run some ldapsearch's that will return access
> information for specific hosts. For example; I'd like to return what users
> have access to 'host x' and what sudo rules are available to these users.
>
> Any assistance is appreciated.
>
> TIA,
>
> Herb
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20141217/0931c631/attachment.htm>
More information about the Freeipa-users
mailing list