Pavel Březina wrote:
On 08/23/2016 01:55 PM, Tony Brian Albers wrote:
Here you are:
[root ~]# ldapsearch -Y GSSAPI -b $dc
'(ou=*)' -s onelevel
# profile, $domain
dn: ou=profile,$dc
objectClass: top
objectClass: organizationalUnit
ou: profiles
ou: profile
# search result
search: 4
result: 0 Success
# numResponses: 2
# numEntries: 1
Sudo rules are not downloaded by SSSD because ou=sudoers is missing on
the IPA server, or it may have incorrect ACL. Does someone from IPA team
know why?
Perhaps the compat tree is disabled:
$ ipa-compat-manage status
rob
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project