On Wed, Apr 08, 2015 at 09:25:33AM +0200, Chamambo Martin wrote: > Good day > > I am running FreeIPA, version: 4.1.0 and everything is working well except > SUDO configuration. > > I have 3 questions > > 1: I have configured the bare minimum sudo configuration without > hostgroups and netgroups , just sudo commands and sudo command groups that > have been added as sudo rules .....this should work right > 2: I have centos 6.6 and redhat 6.6 clients using the sssd > service ,is that enough for sudo to work if the configs are as below
Didn't you start exactly the same thread yesterday? :-) Can you provide the sudo responder logs as we asked yesterday? > > > cat /etc/nsswitch.conf > > sudoers: files sss > > cat /etc/sssd/sssd.conf > > [domain/ai.co.zw] > > debug_level=6 > cache_credentials = True > krb5_store_password_if_offline = True > ipa_domain = ai.co.zw > id_provider = ipa > auth_provider = ipa > access_provider = ipa > ipa_hostname = ironhide.ai.co.zw > chpass_provider = ipa > ipa_server = _srv_, cyclops.ai.co.zw > ldap_tls_cacert = /etc/ipa/ca.crt > > [sssd] > services = nss, sudo, pam, ssh > config_file_version = 2 > > > domains = ai.co.zw > [nss] > homedir_substring = /home > > [pam] > > [sudo] > > [autofs] > > [ssh] > > > > > > > -- > Manage your subscription for the Freeipa-users mailing list: > https://www.redhat.com/mailman/listinfo/freeipa-users > Go to http://freeipa.org for more info on the project -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project