>This is what I see when I manually add the ipaSudoRule entry to my test
> dn: cn=devel,cn=sudoers,dc=example,dc=com
> objectClass: sudoRole
> sudoUser: %ops
> sudoHost: auth4.ops.expertcity.com
> sudoCommand: /usr/bin/less
> cn: devel
>That's assuming the group and host entries you're using are still the
>same as the sample ones from a while back, of course.
>In the currently proposed configuration, the expansion of memberHost
>attribute values depends on functionality that's new in slapi-nis 0.20
>and later.  Which version are you using?

After a refresh:
I can confirm that I also have the same info as you.

I guess the piece that is still missing then is:

Instead of:

sudoHost: hostname.com

It should be:

sudoHost: +production <- which is the group assigned to the ipasudorule.

Freeipa-devel mailing list

Reply via email to