I ask upon thee, oh great ipa gurus...

I've got ipa set up with sudo, and have it successfully working on several
hosts.

On one particular host, though, I'm having issues.

SSSD seems to be working fine -- can ssh in as a user, can kinit, etc.

However, when I try to use sudo, I immediately get

ldap_sasl_bind_s(): Server is unwilling to perform

and in /var/log/secure, I see

May 20 17:20:07 SERVERNAME sudo: pam_unix(sudo:auth): authentication
failure; logname=username uid=0 euid=0 tty=/dev/pts/0 ruser = rhost =
user=username

May 20 17:20:07 SERVERNAME sudo: pam_sss(sudo:auth): authentication
success; logname=username uid=0 euid=0 tty=/dev/pts/0 ruser = rhost =
user=username

May 20 17:20:07 SERVERNAME sudo: username : user NOT in sudoers ; TTY=pts/0
; PWD=/home/username ; USER=root ; COMMAND=/bin/vi /etc/rc.local

...any advice?
_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to