Thanks,

that helps!
I mistyped binddn and bindpw

----- Mail original -----
De: "Lukasz Jaworski" <lukasz.jawor...@allegrogroup.com>
À: "Nicolas Zin" <nicolas....@savoirfairelinux.com>
Cc: freeipa-users@redhat.com
Envoyé: Mardi 17 Février 2015 13:31:20
Objet: Re: [Freeipa-users] issues with sudo on RHEL5.8

> 
> With a RHEL7 IDM installation, I try to make sudo working.
> On RHEL6 no problem (via sssd)
> On RHEL5.8 I don't manage to make it working (credential are good, I manage 
> to request the schema, see below)
> Where can I found more logs?
> What did I forget?
> [root@srv-rhel58-01 ~]# cat /etc/nss_ldap.conf
> bindn uid=sudo,cn=sysaccounts,cn=etc,dc=company,dc=com
> binpw redhat5Sudo
> ssl start_tls
> tls_cacertfile /etc/openldap/cacerts/ipa.crt
> #tls_cacert /etc/openldap/cacerts/ipa.crt
> tls_checkpeer yes
> #uri ldap://srv-idm7-01.company.com, ldap://srv-idm7-02.company.com
> uri ldap://srv-idm7-01.company.com
> sudoers_base ou=SUDOers,dc=company,dc=com
> sudoers_debug: 2

change last line (remove ":") to:
sudoers_debug 2

And then try sudo.

Check:
/etc/nsswitch.conf
should be:
sudoers: files ldap

Best regards,
Ender

-- 
Łukasz Jaworski


-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project

Reply via email to