Thanks guys!  Adding the "-b" did make a world of difference though it still 
doesn't make anything too obvious... at least to me.

[jmacklin@dbduwdu062 Desktop]$ ldapsearch -Y GSSAPI -H 
ldap://dbduvdu145.dbr.roche.com -b "ou=SUDOers,dc=dbr,dc=roche,dc=com"
SASL/GSSAPI authentication started
SASL username: ad...@dbr.roche.com
SASL SSF: 56
SASL data security layer installed.
# extended LDIF
#
# LDAPv3
# base <ou=SUDOers,dc=dbr,dc=roche,dc=com> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#

# sudoers, dbr.roche.com
dn: ou=sudoers,dc=dbr,dc=roche,dc=com
objectClass: extensibleObject
ou: sudoers

# test4, sudoers, dbr.roche.com
dn: cn=test4,ou=sudoers,dc=dbr,dc=roche,dc=com
objectClass: sudoRole
sudoUser: asteinfeld
sudoHost: dbduwdu062.dbr.roche.com
sudoHost: +tempsudo
sudoCommand: ALL
cn: test4

# switch, sudoers, dbr.roche.com
dn: cn=switch,ou=sudoers,dc=dbr,dc=roche,dc=com
objectClass: sudoRole
sudoUser: oyilmaz
sudoHost: dbdusdu071.dbr.roche.com
sudoCommand: /bin/su
cn: switch

# jing144, sudoers, dbr.roche.com
dn: cn=jing144,ou=sudoers,dc=dbr,dc=roche,dc=com
objectClass: sudoRole
sudoUser: jli
sudoHost: dbduvdu144.dbr.roche.com
sudoCommand: ALL
cn: jing144

# Admin, sudoers, dbr.roche.com
dn: cn=Admin,ou=sudoers,dc=dbr,dc=roche,dc=com
objectClass: sudoRole
sudoUser: jmacklin
sudoUser: mrini
sudoUser: cgajare
sudoUser: parnold
sudoUser: hhebert
sudoUser: ckuecherer
sudoUser: gferreri
sudoHost: ALL
sudoCommand: ALL
cn: Admin

# search result
search: 4
result: 0 Success

# numResponses: 6
# numEntries: 5

I really appreciate all of the help!

Cheers,
Jason


_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to