Are the sudo rules applied to IPA clients through nss_ldap, instead of sssd?
I tried that on Redhat 6.2 clients, and some documents said that sudo rules
would work when enabled inside /etc/nslcd.conf, but we need to hack the script
/etc/init.d/nslcd.conf a little bit -- basically to mess around the sudo config
statement before/after nslcd daemon runs as the latter still can not handle
sudo statements very well.
Then on 5.8, where nslcd daemon is not available, should we edit
/etc/ldap.conf for nss_ldap and how? Please shed a light on this. Thanks a lot.
Freeipa-users mailing list