[Freeipa-users] Setting up sudo
Dmitri Pal
dpal at redhat.com
Thu Feb 13 23:30:37 UTC 2014
On 02/13/2014 06:23 PM, Todd Maugh wrote:
> and If I am configuring the sud-ldap.conf
>
>
> what should it look like does any one have an example?
>
You have two options. Sudo can be integrated with SSSD or not.
If you want SUDO to be integrated then this should help:
http://www.freeipa.org/images/7/77/Freeipa30_SSSD_SUDO_Integration.pdf
If you want to use SUDO independently from sssd and connect directly to
IPA from SUDO you need to configure sudo -ldap.conf and use some user to
bind to IPA. This user should be configured in the file.
See more details in the IPA docs:
https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/6/html-single/Identity_Management_Guide/index.html#config-sudo-clients
>
> ------------------------------------------------------------------------
> *From:* freeipa-users-bounces at redhat.com
> [freeipa-users-bounces at redhat.com] on behalf of Todd Maugh
> [tmaugh at boingo.com]
> *Sent:* Thursday, February 13, 2014 3:17 PM
> *To:* freeipa-users at redhat.com
> *Subject:* [Freeipa-users] Setting up sudo
>
> the documentation is kinda vague on some parts
>
> from the documentation:
>
> Because the |sudo| information is not available anonymously over LDAP
> by default, Identity Management defines a default |sudo| user,
> |uid=sudo,cn=sysaccounts,cn=etc,$SUFFIX|, which can be set in the
> LDAP/|sudo| configuration file, |/etc/sud-ldap.conf|.
>
> so is this user supposed to already pre defined. or do I need to
> create the user, and then modify them
>
> thanks
>
> -Todd
>
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users
--
Thank you,
Dmitri Pal
Sr. Engineering Manager for IdM portfolio
Red Hat Inc.
-------------------------------
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20140213/58d7b30b/attachment.htm>
More information about the Freeipa-users
mailing list