I have an ipa server version 4.5 with one ipa replica and one ipa client,
all on CentOS 7.
I need to manage anythings about sudoers on ipa server so I decided to use
externaluser in sudo rules, such as below:

# ipa sudorule-show behnam
Rule name: behnam
  Enabled: TRUE
  Host category: all
  Command category: all
  RunAs User category: all
  RunAs Group category: all
  External User: behnam
  Sudo Option: !authenticate

but when I check sudo in client system, it returns that behnam may not run

[behnam@***** ~]$ sudo -l
[sudo] password for behnam:
Sorry, user behnam may not run sudo on *****
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org

Reply via email to