On Thu, Sep 17, 2015 at 11:42:54AM +0000, Andy Thompson wrote:
> I've narrowed it down a bit doing some testing.  The sudo rules work when I 
> remove the user group restriction from them.  My sudo rules all have my ad 
> groups in the rule
> 
>   Rule name: ad_linux_admins
>   Enabled: TRUE
>   Host category: all
>   Command category: all
>   RunAs User category: all
>   RunAs Group category: all
>   User Groups: ad_linux_admins  <- if I remove this then the rule gets applied

Nice catch. Is the group visible after you login and run id?

What is the exact IPA server version?

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to