On Mon, Feb 15, 2016 at 09:34:33AM +0000, Birnbaum, Warren (ETW) wrote: > Hello, > > I would like to get freeipa to work with a proxy solution ( I currently have > this working with an active directory/no trust authentication and sudo but no > HBAC) including HBAC. I can get sudo to work but not HBAC. I see there is a > ticket for this as a new enhancement #4634 but wanted to confirm that there > isn't another way to accomplish this. > > Here is my current configuration for proxy and this works OK:
I've used the proxy hack to enable sudo for local (=/etc/passwd) users with LDAP sudoers and it just worked. Can you try following: https://fedorahosted.org/sssd/wiki/HOWTO_Troubleshoot_SUDO and see which part does not work? -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project