[Freeipa-users] can't get sudo to work.
Tony Brian Albers
tba at statsbiblioteket.dk
Wed Aug 24 06:55:31 UTC 2016
And indeed the compat tree was disabled.
Guess I forgot to reenable it after copying the db to a testing
environment.
Thanks guys, sudo is working fine now.
/tony
On Tue, 2016-08-23 at 10:13 -0400, Rob Crittenden wrote:
> Pavel Březina wrote:
> > On 08/23/2016 01:55 PM, Tony Brian Albers wrote:
> >> Here you are:
> >>
> >>
> >> [root ~]# ldapsearch -Y GSSAPI -b $dc
> >> '(ou=*)' -s onelevel
> >
> >> # profile, $domain
> >> dn: ou=profile,$dc
> >> objectClass: top
> >> objectClass: organizationalUnit
> >> ou: profiles
> >> ou: profile
> >>
> >> # search result
> >> search: 4
> >> result: 0 Success
> >>
> >> # numResponses: 2
> >> # numEntries: 1
> >
> >
> > Sudo rules are not downloaded by SSSD because ou=sudoers is missing on
> > the IPA server, or it may have incorrect ACL. Does someone from IPA team
> > know why?
>
> Perhaps the compat tree is disabled:
>
> $ ipa-compat-manage status
>
> rob
>
>
--
Best regards,
Tony Albers
Systems administrator, IT-development
State and University Library, Victor Albecks Vej 1, 8000 Aarhus C, Denmark.
Tel: +45 8946 2316
More information about the Freeipa-users
mailing list