I have been working through configuring sudo via IPA and ran into the
following situation.

There is a directive in the documentation to configure
/etc/sssd/sssd.conf on the clients with something like the following:

ldap_netgroup_search_base = cn=ng,cn=compat,dc=example,dc=com

This is pulled from the docse here for reference:

This is fine and causes no problems, however, when I mistakenly left it
out on a few systems, sudo continued to function, so I am wondering what
it is that this directive does? Does this get sssd into the loop to
cache sudo rules for offline use?

Any ideas?


Freeipa-users mailing list

Reply via email to