Fred van Zwieten wrote:

ipa-client-install should take care of setting up sudo on the client to
use IPA, afaik.

Not yet,

Essential line in nsswitch.conf:
sudoers:    files ldap

Please read here

Note that the configuration file name is wrong for RHEL 6. You need to use /etc/sudo-ldap.conf.


As for the second question. dc=example,dc=com is, well, an example. <> is used throughout the documentation
for documentation purposes where a domain name is needed. Please replace
is with you're domain, e.g. dc=yourcompanyname,dc=com

Met vriendelijke groeten,

On Mon, Feb 4, 2013 at 7:29 AM, Rajnesh Kumar Siwal
< <>> wrote:

    I am planning to use the sudo feature on IPA 2.2. By default the IPA
    client that I configured does not seems to use fetch the sudo user

    It looks that we need to modify nsswitch.conf and ldap.conf to
    support it.

    Can sssd take care of fetching the sudo user details ?

    Secondly, I am not able to find the password for
    uid=sudo,cn=sysaccounts,cn=etc,dc=example,dc=com . How do I find it ?
    Will it be safe to change password of this sudo user or it may impact
    the IPA Server ?

    Please suggest.

    Rajnesh Kumar Siwal

    Freeipa-users mailing list <>

Freeipa-users mailing list

Freeipa-users mailing list

Reply via email to