[Freeipa-users] Ubuntu sssd client -- FreeIPA Server fed from AD

Gonzalo Fernandez Ordas g.fer.ordas at unicyber.co.uk
Thu Mar 26 05:21:19 UTC 2015 

I have to test a few options to see how I can overcome that issue.
A pity as I nearly got everything setup in full.
Any findings I will get back to the list as this might be relevant for 
other users.


On 25/03/2015 19:56, Rob Crittenden wrote:
> Gonzalo Fernandez Ordas wrote:
>> Exactly the document i was having a look at.
>> In simple words,is possible to work this around and how,?
>> Otherwise i have to drop freeipa and get back to 389_ds as still seems
>> fully ldap sssd compatible.
>>
>> Have you got any doc clearly stating how to get this done?
>> I really invested many days on reaching this far being  sudo the last
>> tiny bit to get sorted which is hugely frustrated.
> How to configure sudo largely depends on the version of SSSD you have in
> Ubuntu. I'm not sure how configuring SSSD is going to affect your choice
> of server though. If you still use SSSD the same problem will exist
> regardless, right?
>
> rob
>
>> Thanks for all the support
>> Sent from Type Mail <http://r.typeapp.com>
>>
>> On Mar 25, 2015, at 5:35 PM, Dmitri Pal <dpal at redhat.com
>> <mailto:dpal at redhat.com>> wrote:
>>
>>      On 03/25/2015 08:32 PM, g.fer.ordas at unicyber.co.uk wrote:
>>
>>          Hi
>>
>>          I am setting up a plain and simple sssd service against my FreeIPA
>>          Server.
>>          The FreeIPA Server is a Centos 7.1 box with IPA version 4.1 and the
>>          client box is ubuntu: Ubuntu 12.04.5 LTS
>>
>>          The Users and Credentials are being Synched out of an AD Server
>>          (the
>>          passwords happened to be transferred using the PassSync Service)
>>
>>          Now.. I wanted to setup a very simple sssd service (not the FreeIPA
>>          client service)
>>          And so far I succeeded on synching the users along with the
>>          passwords
>>          using SSSD.
>>
>>          Now, Trying to get the sudo access sorted I cannot see that
>>          working,
>>          and I came across some documentation mentioning SSSD is NOT
>>          currently
>>          supporting IPA schema for the SUDOers
>>          if that is the case
>>
>>          Can anybody point me to the right document or procedure in terms of
>>          getting also the sudoers installed?
>>
>>          Would be possible , somehow, to have this sorted WITHOUT using the
>>          ipa-client?
>>
>>          many thanks!
>>
>>
>>
>>      http://www.freeipa.org/images/7/77/Freeipa30_SSSD_SUDO_Integration.pdf
>>
>>
>>
>

More information about the Freeipa-users mailing list