[Freeipa-users] SSSD does not fetch Sudo Rules anymore

[Alexander Bokovoy]

On Mon, 07 Mar 2016, Zoske, Fabian wrote:
>Thank you for your explanation.
>
>I looked in the sssd_<DOMAIN>.log and found the actual LDAP-Filter.
>The problem seems to be the first part again: (&(objectclass=sudoRole)(entryUSN>=485025)(!(entryUSN=485025))).
>In the LDAP-Tree I can't see any attribute named entryUSN.
>
>Is this related to the problem?
No, it is not. entryUSN is an attribute that is not stored in the entry,
it is a feature that adds a monotonically increased value to any update
of an entry. It is used to check whether entries were changed since last
search.


-- 
/ Alexander Bokovoy