On Wed, Dec 08, 2010 at 11:12:34PM +0000, JR Aquino wrote:
> I guess the piece that is still missing then is:
> Instead of:
> sudoHost: hostname.com
> It should be:
> sudoHost: +production <- which is the group assigned to the ipasudorule.

The memberHost "cn=prod,cn=hostgroups,cn=accounts,dc=example,dc=com" in
the rule is a hostgroup but not a netgroup, so I think it's doing the
right thing by resolving the group down to its members' names.


Freeipa-devel mailing list

Reply via email to