On Fri, May 18, 2012 at 02:35:18PM -0700, Gelen James wrote:
>    Hi all,
>     Are the sudo rules applied to IPA clients through nss_ldap, instead of
>    sssd? 

Neither :-)

sudo looks up the user information via the standard name-service-switch
maps, so if your machine is configured to fetch user and group
information using the sss NSS module in nsswitch.conf, then the requests
get to sssd.

As Stephen Ingram pointed out elsewhere in this thread, sudo only reads
the nss_ldap/nss-pam-ldapd config files but establishes the connection
to the LDAP server and fetches the data on its own.

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to