[Freeipa-users] Question about ldap proxy/AD + sudo + HBAC
Birnbaum, Warren (ETW)
Warren.Birnbaum at nike.com
Mon Feb 15 11:24:08 UTC 2016
Hi Jakub,
Thanks but I have sudo working OK. What I am trying make work is HBAC.
That I can¹t get to work with the proxy hack. Is there a way to do that?
Thanks,
Warren
___________________
Warren Birnbaum : Infrastructure Services
Digital Linux Infrastructure Services
Europe CDT Techn. Operations
Nike Inc. : Mobile +31 6 23902697
On 2/15/16, 11:31 AM, "freeipa-users-bounces at redhat.com on behalf of Jakub
Hrozek" <freeipa-users-bounces at redhat.com on behalf of jhrozek at redhat.com>
wrote:
>On Mon, Feb 15, 2016 at 09:34:33AM +0000, Birnbaum, Warren (ETW) wrote:
>> Hello,
>>
>> I would like to get freeipa to work with a proxy solution ( I currently
>>have this working with an active directory/no trust authentication and
>>sudo but no HBAC) including HBAC. I can get sudo to work but not HBAC.
>>I see there is a ticket for this as a new enhancement #4634 but wanted
>>to confirm that there isn't another way to accomplish this.
>>
>> Here is my current configuration for proxy and this works OK:
>
>I've used the proxy hack to enable sudo for local (=/etc/passwd) users
>with LDAP sudoers and it just worked. Can you try following:
> https://fedorahosted.org/sssd/wiki/HOWTO_Troubleshoot_SUDO
>and see which part does not work?
>
>--
>Manage your subscription for the Freeipa-users mailing list:
>https://www.redhat.com/mailman/listinfo/freeipa-users
>Go to http://freeipa.org for more info on the project
More information about the Freeipa-users
mailing list