OK, found it... I needed to comment out my other ldap lines, but I
wonder why this is needed on CentOS and Ubuntu works without them.

2014-10-12 21:14 GMT+02:00 Matt . <yamakasi....@gmail.com>:
> Hi All.
>
> I'm using sudo rules on Ubuntu machines perfectly, but on CentOS I get:
>
> User username is not allowed to run sudo on centos
>
> This is in my sssd.conf which should be OK?
>
> [domain/domain.local]
>
> cache_credentials = True
> krb5_store_password_if_offline = True
> ipa_domain = domain.local
> id_provider = ipa
> auth_provider = ipa
> access_provider = ipa
> ipa_hostname = centos.domain.local
> chpass_provider = ipa
> ipa_server = _srv_,ipa.domain.local
> ldap_tls_cacert = /etc/ipa/ca.crt
>
>
> [sssd]
> services = nss, pam, ssh, sudo
> config_file_version = 2
>
> domains = domain.local
>
> The strange thing is that I cannot find any log issues except:
>
> (Sun Oct 12 18:03:37 2014) [sssd[sudo]] [sss_dp_init] (0x0010): Failed
> to connect to monitor services.
> (Sun Oct 12 18:03:37 2014) [sssd[sudo]] [sss_process_init] (0x0010):
> fatal error setting up backend connector
>
> Where I think this only happens with restarting sssd, but not always.
>
> Thanks,
>
> Matt

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project

Reply via email to