Fred van Zwieten wrote:
Hi,

ipa-client-install should take care of setting up sudo on the client to
use IPA, afaik.


Not yet, https://fedorahosted.org/freeipa/ticket/3358

Essential line in nsswitch.conf:
sudoers:    files ldap

Please read here
<https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Enterprise_Linux/6-Beta/html-single/Identity_Management_Guide/index.html#sudo>

Note that the configuration file name is wrong for RHEL 6. You need to use /etc/sudo-ldap.conf.

rob


As for the second question. dc=example,dc=com is, well, an example.
example.com <http://example.com> is used throughout the documentation
for documentation purposes where a domain name is needed. Please replace
is with you're domain, e.g. dc=yourcompanyname,dc=com

Met vriendelijke groeten,
*
Fred*


On Mon, Feb 4, 2013 at 7:29 AM, Rajnesh Kumar Siwal
<rajnesh.si...@gmail.com <mailto:rajnesh.si...@gmail.com>> wrote:

    I am planning to use the sudo feature on IPA 2.2. By default the IPA
    client that I configured does not seems to use fetch the sudo user
    details.

    It looks that we need to modify nsswitch.conf and ldap.conf to
    support it.

    Can sssd take care of fetching the sudo user details ?

    Secondly, I am not able to find the password for
    uid=sudo,cn=sysaccounts,cn=etc,dc=example,dc=com . How do I find it ?
    Will it be safe to change password of this sudo user or it may impact
    the IPA Server ?

    Please suggest.


    --
    Regards,
    Rajnesh Kumar Siwal

    _______________________________________________
    Freeipa-users mailing list
    Freeipa-users@redhat.com <mailto:Freeipa-users@redhat.com>
    https://www.redhat.com/mailman/listinfo/freeipa-users




_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users


_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to