[Freeipa-users] Question about ldap proxy/AD + sudo + HBAC
Jakub Hrozek
jhrozek at redhat.com
Mon Feb 15 10:31:13 UTC 2016
On Mon, Feb 15, 2016 at 09:34:33AM +0000, Birnbaum, Warren (ETW) wrote:
> Hello,
>
> I would like to get freeipa to work with a proxy solution ( I currently have this working with an active directory/no trust authentication and sudo but no HBAC) including HBAC. I can get sudo to work but not HBAC. I see there is a ticket for this as a new enhancement #4634 but wanted to confirm that there isn't another way to accomplish this.
>
> Here is my current configuration for proxy and this works OK:
I've used the proxy hack to enable sudo for local (=/etc/passwd) users
with LDAP sudoers and it just worked. Can you try following:
https://fedorahosted.org/sssd/wiki/HOWTO_Troubleshoot_SUDO
and see which part does not work?
More information about the Freeipa-users
mailing list