[Freeipa-users] FreeIPA sudo configuration on FreeIPA, version: 4.1.0
Jakub Hrozek
jhrozek at redhat.com
Tue Apr 7 12:04:47 UTC 2015
On Tue, Apr 07, 2015 at 01:55:43PM +0200, Chamambo Martin wrote:
> Thanx Jakub for pointing me to the right direction .This is what I have now
> and I have increased the debug level during troubleshooting
>
> [domain/ai.co.zw]
>
> debug_level=3
> cache_credentials = True
> krb5_store_password_if_offline = True
> ipa_domain = ai.co.zw
> id_provider = ipa
> sudo_provider = ipa
> auth_provider = ipa
> access_provider = ipa
> ipa_hostname = ironhide.ai.co.zw
> chpass_provider = ipa
> ipa_server = _srv_, cyclops.ai.co.zw
> ldap_tls_cacert = /etc/ipa/ca.crt
> [sssd]
> services = nss, sudo, pam, ssh
> config_file_version = 2
>
>
> domains = ai.co.zw
> [nss]
> homedir_substring = /home
>
> [pam]
>
> [sudo]
>
> [autofs]
>
> [ssh]
>
> Error messages from /var/log/sssd/sssd_ai.co.zw when debug level is set at 4
This snippet just shows successfull authentication, which I guess is
when sudo asked for the password. Anything interesting in the sudo log?
/var/log/sssd/sssd_sudo.log
You might need a higher debug_level, though (6?)
More information about the Freeipa-users
mailing list