OK, found it... I needed to comment out my other ldap lines, but I
wonder why this is needed on CentOS and Ubuntu works without them.
2014-10-12 21:14 GMT+02:00 Matt . <yamakasi....@gmail.com>:
> Hi All.
> I'm using sudo rules on Ubuntu machines perfectly, but on CentOS I get:
> User username is not allowed to run sudo on centos
> This is in my sssd.conf which should be OK?
> cache_credentials = True
> krb5_store_password_if_offline = True
> ipa_domain = domain.local
> id_provider = ipa
> auth_provider = ipa
> access_provider = ipa
> ipa_hostname = centos.domain.local
> chpass_provider = ipa
> ipa_server = _srv_,ipa.domain.local
> ldap_tls_cacert = /etc/ipa/ca.crt
> services = nss, pam, ssh, sudo
> config_file_version = 2
> domains = domain.local
> The strange thing is that I cannot find any log issues except:
> (Sun Oct 12 18:03:37 2014) [sssd[sudo]] [sss_dp_init] (0x0010): Failed
> to connect to monitor services.
> (Sun Oct 12 18:03:37 2014) [sssd[sudo]] [sss_process_init] (0x0010):
> fatal error setting up backend connector
> Where I think this only happens with restarting sssd, but not always.
Manage your subscription for the Freeipa-users mailing list:
Go To http://freeipa.org for more info on the project