On (02/01/15 22:13), William Muriithi wrote: >Hi, > >I also think you will have to update to rhel 6.6 if you want to use sssd for >sudo. If updating to 6.6 is not a problem, this would be least painful. > >> > > The problem is that I can't get sudo rules to work. I know that the >> > > ipa client software version 3.0.0 doesn't automatically set up all the >> > > configuration for sssd to control sudo access, but I have set up all >> > > the configuration necessary manually: >> > > >> > > >> > > On the client, /etc/nsswitch.conf has >> > > >> > > >> > > sudoers files sss > >This will work only for rhel 6.6. Add ldap between files and sss if you >wouldn't be using 6.6 > It would worh with CentOS 6.4+ just configuration in sssd.conf would be different.
CentOS 6.4 and 6.5 *does not have* native sudo ipa provider, but it is possible to configure sssd with ldap provider (more complicated). CentOS 6.6 *has* native sudo ipa provider. The best way hot to configure sssd <-> sudo is to follow instructions in the manual page sssd-sudo. LS -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project