On 02/17/2015 05:18 AM, Nicolas Zin wrote:
Thanks,
that helps!
I mistyped binddn and bindpw
----- Mail original -----
De: "Lukasz Jaworski" <lukasz.jawor...@allegrogroup.com>
À: "Nicolas Zin" <nicolas....@savoirfairelinux.com>
Cc: freeipa-users@redhat.com
Envoyé: Mardi 17 Février 2015 13:31:20
Objet: Re: [Freeipa-users] issues with sudo on RHEL5.8
With a RHEL7 IDM installation, I try to make sudo working.
On RHEL6 no problem (via sssd)
On RHEL5.8 I don't manage to make it working (credential are good, I manage to
request the schema, see below)
Where can I found more logs?
What did I forget?
[root@srv-rhel58-01 ~]# cat /etc/nss_ldap.conf
bindn uid=sudo,cn=sysaccounts,cn=etc,dc=company,dc=com
binpw redhat5Sudo
ssl start_tls
tls_cacertfile /etc/openldap/cacerts/ipa.crt
#tls_cacert /etc/openldap/cacerts/ipa.crt
tls_checkpeer yes
#uri ldap://srv-idm7-01.company.com, ldap://srv-idm7-02.company.com
uri ldap://srv-idm7-01.company.com
sudoers_base ou=SUDOers,dc=company,dc=com
sudoers_debug: 2
change last line (remove ":") to:
sudoers_debug 2
And then try sudo.
Check:
/etc/nsswitch.conf
should be:
sudoers: files ldap
Best regards,
Ender
We quite frequently get questions about how to configure SUDO with IPA
from RHEL5.x clients.
Would you mind sharing this configuration as a howto solution?
http://www.freeipa.org/page/HowTos
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project
