>This is what I see when I manually add the ipaSudoRule entry to my test
>server:
>
> dn: cn=devel,cn=sudoers,dc=example,dc=com
> objectClass: sudoRole
> sudoUser: %ops
> sudoHost: auth4.ops.expertcity.com
> sudoCommand: /usr/bin/less
> cn: devel
>
>That's assuming the group and host entries you're using are still the
>same as the sample ones from a while back, of course.
>
>In the currently proposed configuration, the expansion of memberHost
>attribute values depends on functionality that's new in slapi-nis 0.20
>and later.  Which version are you using?
>
>Nalin


After a refresh:
I can confirm that I also have the same info as you.

I guess the piece that is still missing then is:

Instead of:

sudoHost: hostname.com

It should be:

sudoHost: +production <- which is the group assigned to the ipasudorule.


_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Reply via email to