Yay, It works! Once I thumb finger the configuration files correctly.

May I request that y'all start alphabetizing entries where sequence is
not important so that it is easier for humans to find a single entry:

[dean@desktop ~]$ sudo cat /etc/sssd/sssd.conf
[sudo] password for dean: 
config_file_version = 2
domains = hunter.org
services = autofs, nss, pam, ssh, sudo

access_provider = ipa
auth_provider = ipa
autofs_provider = ipa
cache_credentials = True
chpass_provider = ipa
id_provider = ipa
ipa_automount_location = VM
ipa_domain = hunter.org
ipa_dyndns_update = True
ipa_hostname = desktop.hunter.org
ipa_server = _srv_, ipa.hunter.org
krb5_store_password_if_offline = True
ldap_tls_cacert = /etc/ipa/ca.crt

# For the SUDO integration
krb5_server = ipa.hunter.org
ldap_sasl_authid = host/desktop.hunter.org
ldap_sasl_mech = GSSAPI
ldap_sasl_realm = HUNTER.ORG
ldap_sudo_search_base = ou=sudoers,dc=hunter,dc=org
ldap_uri = ldap://ipa.hunter.org
sudo_provider = ldap







[dean@desktop ~]$ 

Freeipa-users mailing list

Reply via email to