Macklin, Jason wrote:
Yes, resolution works correctly at both the host and the freeIPA server.

Dmitri,

I am still quite new to LDAP so I'm not sure exactly what I should be looking 
for when running ldapsearch.

The attempts that I have made have been less then fruitful though... examples 
follow

/usr/bin/ldapsearch -I -H ldap://dbduvdu145.dbr.roche.com 
"ou=SUDOers,dc=dbr,dc=roche,dc=com"SASL/EXTERNAL authentication started
ldap_sasl_interactive_bind_s: Unknown authentication method (-6)
        additional info: SASL(-4): no mechanism available:

This sort of return occurs for either working or non-working users both!

As I am new to ldap... is there a specific ldapsearch command/option I should 
be using?

You want to be authenticated to search the sudo data, so do something like:

 $ kinit admin (or some user)
 $ ldapsearch -Y GSSAPI ...

rob

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to