> I have been working through configuring sudo via IPA and ran into the > following situation. > > There is a directive in the documentation to configure > /etc/sssd/sssd.conf on the clients with something like the following: > > ldap_netgroup_search_base = cn=ng,cn=compat,dc=example,dc=com > > > This is pulled from the docse here for reference: > http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Identity_ > Management_Guide/example-configuring-sudo.html > > This is fine and causes no problems, however, when I mistakenly left it > out on a few systems, sudo continued to function, so I am wondering what > it is that this directive does? Does this get sssd into the loop to > cache sudo rules for offline use?
Support for SUDO in SSSD has been added just about a week ago into master branch and is considered experimental right now. And as I understand it, the support in SUDO itself is still not entirely complete. So the simple answer is: hang on, the support is coming. Jan
Description: This is a digitally signed message part.
_______________________________________________ Freeipa-users mailing list Freeipafirstname.lastname@example.org https://www.redhat.com/mailman/listinfo/freeipa-users