subject:"\[Freeipa\-users\] SUDO with HostGroup and UserGroup not working"

Re: [Freeipa-users] SUDO with HostGroup and UserGroup not working

2015-03-23 Thread Jakub Hrozek

On Mon, Mar 23, 2015 at 06:26:21PM +0530, Yogesh Sharma wrote:
> Thanks Jakub.
> 
> All the issue seems to be resolved now except that getent is not able to
> resolve on IPA Server however working fine on other.
> 
> Below are the logs where it says it is not able to connect DataProvided.
> 

[ ...]

> *(Mon Mar 23 18:12:33 2015) [sssd[nss]] [lookup_netgr_dp_callback]
> (0x0040): Unable to get information from Data Provider*
> *Error: 3, 17, Netgroup lookup failed*
> *Will try to return what we have in cache*

The lines above ^^ tell me that the Data Provider couldn't retrieve the
netgroups from the server. You'd have to look into the domain logs to
see why..

> (Mon Mar 23 18:12:33 2015) [sssd[nss]] [lookup_netgr_step] (0x0100):
> Requesting info for [stg.initd@stg.initd.com]
> (Mon Mar 23 18:12:33 2015) [sssd[nss]] [lookup_netgr_step] (0x0040): No
> results for netgroup stg.initd.com (domain stg.initd.com)
> (Mon Mar 23 18:12:33 2015) [sssd[nss]] [lookup_netgr_step] (0x0080): No
> matching domain found for [stg.initd.com], fail!
> (Mon Mar 23 18:12:33 2015) [sssd[nss]] [sss_dp_req_destructor] (0x0400):
> Deleting request: [0xb77624d0:4:stg.initd@stg.initd.com]
> (Mon Mar 23 18:12:33 2015) [sssd[nss]] [client_recv] (0x0200): Client
> disconnected!

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Re: [Freeipa-users] SUDO with HostGroup and UserGroup not working

2015-03-23 Thread Yogesh Sharma

Thanks Jakub.

All the issue seems to be resolved now except that getent is not able to
resolve on IPA Server however working fine on other.

Below are the logs where it says it is not able to connect DataProvided.

(Mon Mar 23 18:12:25 2015) [sssd[nss]] [server_setup] (0x0400): CONFDB:
/var/lib/sss/db/config.ldb
(Mon Mar 23 18:12:25 2015) [sssd[nss]] [confdb_get_domain_internal]
(0x0400): No enumeration for [stg.initd.com]!
(Mon Mar 23 18:12:25 2015) [sssd[nss]] [sbus_init_connection] (0x0200):
Adding connection B96E29C0
(Mon Mar 23 18:12:25 2015) [sssd[nss]] [monitor_common_send_id] (0x0100):
Sending ID: (nss,1)
(Mon Mar 23 18:12:25 2015) [sssd[nss]] [sss_names_init] (0x0100): Using re
[(((?P[^\\]+)\\(?P.+$))|((?P[^@]+)@(?P.+$))|(^(?P[^@\\]+)$))].
(Mon Mar 23 18:12:25 2015) [sssd[nss]] [sbus_init_connection] (0x0200):
Adding connection B96E3FB8
(Mon Mar 23 18:12:25 2015) [sssd[nss]] [dp_common_send_id] (0x0100):
Sending ID to DP: (1,NSS)
(Mon Mar 23 18:12:25 2015) [sssd[nss]] [sysdb_domain_init_internal]
(0x0200): DB File for stg.initd.com: /var/lib/sss/db/cache_stg.initd.com.ldb
(Mon Mar 23 18:12:25 2015) [sssd[nss]] [ldb] (0x0400): asq: Unable to
register control with rootdse!
(Mon Mar 23 18:12:25 2015) [sssd[nss]] [sss_process_init] (0x0400):
Responder Initialization complete
(Mon Mar 23 18:12:25 2015) [sssd[nss]] [sss_parse_name_for_domains]
(0x0200): name 'root' matched without domain, user is root
(Mon Mar 23 18:12:25 2015) [sssd[nss]] [sss_parse_name_for_domains]
(0x0200): using default domain [(null)]
(Mon Mar 23 18:12:25 2015) [sssd[nss]] [sss_ncache_set_str] (0x0400):
Adding [NCE/USER/stg.initd.com/root] to negative cache permanently
(Mon Mar 23 18:12:25 2015) [sssd[nss]] [sss_parse_name_for_domains]
(0x0200): name 'root' matched without domain, user is root
(Mon Mar 23 18:12:25 2015) [sssd[nss]] [sss_parse_name_for_domains]
(0x0200): using default domain [(null)]
(Mon Mar 23 18:12:25 2015) [sssd[nss]] [sss_ncache_set_str] (0x0400):
Adding [NCE/GROUP/stg.initd.com/root] to negative cache permanently
(Mon Mar 23 18:12:25 2015) [sssd[nss]] [nss_get_etc_shells] (0x0400): Found
shell /bin/sh in /etc/shells
(Mon Mar 23 18:12:25 2015) [sssd[nss]] [nss_get_etc_shells] (0x0400): Found
shell /bin/bash in /etc/shells
(Mon Mar 23 18:12:25 2015) [sssd[nss]] [nss_get_etc_shells] (0x0400): Found
shell /sbin/nologin in /etc/shells
(Mon Mar 23 18:12:25 2015) [sssd[nss]] [responder_set_fd_limit] (0x0100):
Maximum file descriptors set to [8192]
(Mon Mar 23 18:12:25 2015) [sssd[nss]] [nss_process_init] (0x0400): NSS
Initialization complete
(Mon Mar 23 18:12:25 2015) [sssd[nss]] [id_callback] (0x0100): Got id ack
and version (1) from Monitor
(Mon Mar 23 18:12:25 2015) [sssd[nss]] [dp_id_callback] (0x0100): Got id
ack and version (1) from DP
(Mon Mar 23 18:12:32 2015) [sssd[nss]] [accept_fd_handler] (0x0400): Client
connected!
(Mon Mar 23 18:12:32 2015) [sssd[nss]] [sss_cmd_get_version] (0x0200):
Received client version [1].
(Mon Mar 23 18:12:32 2015) [sssd[nss]] [sss_cmd_get_version] (0x0200):
Offered version [1].
(Mon Mar 23 18:12:32 2015) [sssd[nss]] [sss_parse_name_for_domains]
(0x0200): name 'stg.initd.com' matched without domain, user is stg.initd.com
(Mon Mar 23 18:12:32 2015) [sssd[nss]] [sss_parse_name_for_domains]
(0x0200): using default domain [(null)]
(Mon Mar 23 18:12:32 2015) [sssd[nss]] [setnetgrent_send] (0x0100):
Requesting info for netgroup [stg.initd.com] from []
(Mon Mar 23 18:12:32 2015) [sssd[nss]] [lookup_netgr_step] (0x0100):
Requesting info for [stg.initd@stg.initd.com]
(Mon Mar 23 18:12:32 2015) [sssd[nss]] [lookup_netgr_step] (0x0040): No
results for netgroup stg.initd.com (domain stg.initd.com)
(Mon Mar 23 18:12:32 2015) [sssd[nss]] [sss_dp_issue_request] (0x0400):
Issuing request for [0xb77624d0:4:stg.initd@stg.initd.com]
(Mon Mar 23 18:12:32 2015) [sssd[nss]] [sss_dp_get_account_msg] (0x0400):
Creating request for [stg.initd.com][4100][1][name=stg.initd.com]
(Mon Mar 23 18:12:32 2015) [sssd[nss]] [sss_dp_internal_get_send] (0x0400):
Entering request [0xb77624d0:4:stg.initd@stg.initd.com]
*(Mon Mar 23 18:12:33 2015) [sssd[nss]] [lookup_netgr_dp_callback]
(0x0040): Unable to get information from Data Provider*
*Error: 3, 17, Netgroup lookup failed*
*Will try to return what we have in cache*
(Mon Mar 23 18:12:33 2015) [sssd[nss]] [lookup_netgr_step] (0x0100):
Requesting info for [stg.initd@stg.initd.com]
(Mon Mar 23 18:12:33 2015) [sssd[nss]] [lookup_netgr_step] (0x0040): No
results for netgroup stg.initd.com (domain stg.initd.com)
(Mon Mar 23 18:12:33 2015) [sssd[nss]] [lookup_netgr_step] (0x0080): No
matching domain found for [stg.initd.com], fail!
(Mon Mar 23 18:12:33 2015) [sssd[nss]] [sss_dp_req_destructor] (0x0400):
Deleting request: [0xb77624d0:4:stg.initd@stg.initd.com]
(Mon Mar 23 18:12:33 2015) [sssd[nss]] [client_recv] (0x0200): Client
disconnected!


Below is SSSD.conf: (Text in Bold resovled the cache issue, I have kept low
for testing purpose :) )

[domai

Re: [Freeipa-users] SUDO with HostGroup and UserGroup not working

2015-03-23 Thread Jakub Hrozek

On Mon, Mar 23, 2015 at 04:27:14PM +0530, Yogesh Sharma wrote:
> I just deleted the netgroup, even though getent is resolving.
> 
> [root@mipa ~]# getent netgroup stg.initd.com
> stg.initd.com  (cipa.stg.initd.com,-,stg.initd.com)
> [root@mipa ~]# ipa netgroup-show stg.initd.com
> ipa: ERROR: stg.initd.com: netgroup not found
> 
> Sent  IPA Server Logs to you individually.

You only sent the sssd section, that's not useful. Please read:
https://fedorahosted.org/sssd/wiki/Troubleshooting

There is a section about generating SSSD logs. Also anything that
applies to resolving users applies to resolving netgroups as well.

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Re: [Freeipa-users] SUDO with HostGroup and UserGroup not working

2015-03-23 Thread Jakub Hrozek

On Mon, Mar 23, 2015 at 04:18:56PM +0530, Yogesh Sharma wrote:
> Seeing a strange behavior.
> 
> I deleted all Host Members from NetGroup and it was reflected in Client:
> 
> [root@cipa ~]# getent netgroup stg.initd.com
> stg.initd.com
> 
> then I added one hostgroup *"cipa" * and it was successfully quried in
> getent on IPA Server
> 
> [root@mipa ~]# getent netgroup stg.initd.com
> stg.initd.com  (cipa.stg.initd.com,-,stg.initd.com)
> 
> However, when adding another hostgroup in Netgroup , I am not able to see
> that in getent though ipa command list it.
> 
> 
> 
> [root@mipa ~]# ipa netgroup-show stg.initd.com
>   Netgroup name: stg.initd.com
>   Description: s
>   NIS domain name: stg.initd.com
>   Member Group: admins, ipausers, masteruser, trust admins, webuser
>   Member Hostgroup: cipa-servers, sipa-servers
> [root@mipa ~]#
> 
> 
> My Client is also unaware of changes.
> 
> [root@cipa ~]# getent netgroup stg.initd.com
> stg.initd.com
> [root@cipa ~]#
> 
> 
> Is it network issue or sssd caching problem. Restart of SSSD also does not
> fix the problem.

That's normal, SSSD caches the information. See man sssd.conf for the
timeout settings. Please note that as the timeouts are stored in the
cache, you'd need to remove the cache as well if you machine the
timeouts.

> 
> Should I share my SSSD logs of IPA server or Client or Both. Please suggest.

>From the machine that is having problems resolving the netgroup.

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Re: [Freeipa-users] SUDO with HostGroup and UserGroup not working

2015-03-23 Thread Yogesh Sharma

I just deleted the netgroup, even though getent is resolving.

[root@mipa ~]# getent netgroup stg.initd.com
stg.initd.com  (cipa.stg.initd.com,-,stg.initd.com)
[root@mipa ~]# ipa netgroup-show stg.initd.com
ipa: ERROR: stg.initd.com: netgroup not found

Sent  IPA Server Logs to you individually.





*Best Regards,__*

*Yogesh Sharma*
*Email: yks0...@gmail.com  | Web: www.initd.in
*

RHCE, VCE-CIA, RackSpace Cloud U
[image: My LinkedIn Profile] 


On Mon, Mar 23, 2015 at 4:18 PM, Yogesh Sharma  wrote:

> Seeing a strange behavior.
>
> I deleted all Host Members from NetGroup and it was reflected in Client:
>
> [root@cipa ~]# getent netgroup stg.initd.com
> stg.initd.com
>
> then I added one hostgroup *"cipa" * and it was successfully quried in
> getent on IPA Server
>
> [root@mipa ~]# getent netgroup stg.initd.com
> stg.initd.com  (cipa.stg.initd.com,-,stg.initd.com)
>
> However, when adding another hostgroup in Netgroup , I am not able to see
> that in getent though ipa command list it.
>
>
>
> [root@mipa ~]# ipa netgroup-show stg.initd.com
>   Netgroup name: stg.initd.com
>   Description: s
>   NIS domain name: stg.initd.com
>   Member Group: admins, ipausers, masteruser, trust admins, webuser
>   Member Hostgroup: cipa-servers, sipa-servers
> [root@mipa ~]#
>
>
> My Client is also unaware of changes.
>
> [root@cipa ~]# getent netgroup stg.initd.com
> stg.initd.com
> [root@cipa ~]#
>
>
> Is it network issue or sssd caching problem. Restart of SSSD also does not
> fix the problem.
>
> Should I share my SSSD logs of IPA server or Client or Both. Please
> suggest.
>
>
>
>
>
>
>
>
> *Best Regards,__*
>
> *Yogesh Sharma*
> *Email: yks0...@gmail.com  | Web: www.initd.in
> *
>
> RHCE, VCE-CIA, RackSpace Cloud U
> [image: My LinkedIn Profile] 
>
>
> On Mon, Mar 23, 2015 at 2:59 PM, Jakub Hrozek  wrote:
>
>> On Mon, Mar 23, 2015 at 02:23:52PM +0530, Yogesh Sharma wrote:
>> > Sure Jakub. ++FreeIPA-Users
>> >
>> > "getent netgroup" not working on IPA Server
>> >
>> > [root@mipa ~]# getent netgroup stg.initd.com
>> > [root@mipa ~]#
>> >
>> >
>> >
>> > [root@mipa ~]# ipa hostgroup-show cipa-servers
>> >   Host-group: cipa-servers
>> >   Description: cipa
>> >   Member hosts: cipa.stg.initd.com
>> >   Member of netgroups: stg.initd.com
>> >
>> > [root@mipa ~]# ipa netgroup-show stg.initd.com
>> >   Netgroup name: stg.initd.com
>> >   Description: ss
>> >   NIS domain name: stg.initd.com
>> >   Member Group: admins, ipausers, masteruser, trust admins, webuser
>> >   Member Hostgroup: sipa-servers, cipa-servers
>> >
>> > However, I re-register the IPA Client and I am able to query netgroup,
>> > Though it does not shows cipa.stg.initd.com whereas IPA Server query
>> "ipa
>> > netgroup-show stg.initd.com" has it in list.
>> >
>> > [root@cipa ~]# getent passwd admin
>> > admin:*:117040:117040:Administrator:/home/admin:/bin/bash
>> > [root@cipa ~]# getent netgroup stg.initd.com
>> > stg.initd.com  (sipa.stg.initd.com,-,stg.initd.com)
>> > [root@cipa ~]#
>>
>> OK, then we need to see the SSSD logs, but if the client suddently
>> started working, then I suspect some networking issues.
>>
>
>
-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Re: [Freeipa-users] SUDO with HostGroup and UserGroup not working

2015-03-23 Thread Yogesh Sharma

Seeing a strange behavior.

I deleted all Host Members from NetGroup and it was reflected in Client:

[root@cipa ~]# getent netgroup stg.initd.com
stg.initd.com

then I added one hostgroup *"cipa" * and it was successfully quried in
getent on IPA Server

[root@mipa ~]# getent netgroup stg.initd.com
stg.initd.com  (cipa.stg.initd.com,-,stg.initd.com)

However, when adding another hostgroup in Netgroup , I am not able to see
that in getent though ipa command list it.



[root@mipa ~]# ipa netgroup-show stg.initd.com
  Netgroup name: stg.initd.com
  Description: s
  NIS domain name: stg.initd.com
  Member Group: admins, ipausers, masteruser, trust admins, webuser
  Member Hostgroup: cipa-servers, sipa-servers
[root@mipa ~]#


My Client is also unaware of changes.

[root@cipa ~]# getent netgroup stg.initd.com
stg.initd.com
[root@cipa ~]#


Is it network issue or sssd caching problem. Restart of SSSD also does not
fix the problem.

Should I share my SSSD logs of IPA server or Client or Both. Please suggest.








*Best Regards,__*

*Yogesh Sharma*
*Email: yks0...@gmail.com  | Web: www.initd.in
*

RHCE, VCE-CIA, RackSpace Cloud U
[image: My LinkedIn Profile] 


On Mon, Mar 23, 2015 at 2:59 PM, Jakub Hrozek  wrote:

> On Mon, Mar 23, 2015 at 02:23:52PM +0530, Yogesh Sharma wrote:
> > Sure Jakub. ++FreeIPA-Users
> >
> > "getent netgroup" not working on IPA Server
> >
> > [root@mipa ~]# getent netgroup stg.initd.com
> > [root@mipa ~]#
> >
> >
> >
> > [root@mipa ~]# ipa hostgroup-show cipa-servers
> >   Host-group: cipa-servers
> >   Description: cipa
> >   Member hosts: cipa.stg.initd.com
> >   Member of netgroups: stg.initd.com
> >
> > [root@mipa ~]# ipa netgroup-show stg.initd.com
> >   Netgroup name: stg.initd.com
> >   Description: ss
> >   NIS domain name: stg.initd.com
> >   Member Group: admins, ipausers, masteruser, trust admins, webuser
> >   Member Hostgroup: sipa-servers, cipa-servers
> >
> > However, I re-register the IPA Client and I am able to query netgroup,
> > Though it does not shows cipa.stg.initd.com whereas IPA Server query
> "ipa
> > netgroup-show stg.initd.com" has it in list.
> >
> > [root@cipa ~]# getent passwd admin
> > admin:*:117040:117040:Administrator:/home/admin:/bin/bash
> > [root@cipa ~]# getent netgroup stg.initd.com
> > stg.initd.com  (sipa.stg.initd.com,-,stg.initd.com)
> > [root@cipa ~]#
>
> OK, then we need to see the SSSD logs, but if the client suddently
> started working, then I suspect some networking issues.
>
-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Re: [Freeipa-users] SUDO with HostGroup and UserGroup not working

2015-03-23 Thread Jakub Hrozek

On Mon, Mar 23, 2015 at 02:23:52PM +0530, Yogesh Sharma wrote:
> Sure Jakub. ++FreeIPA-Users
> 
> "getent netgroup" not working on IPA Server
> 
> [root@mipa ~]# getent netgroup stg.initd.com
> [root@mipa ~]#
> 
> 
> 
> [root@mipa ~]# ipa hostgroup-show cipa-servers
>   Host-group: cipa-servers
>   Description: cipa
>   Member hosts: cipa.stg.initd.com
>   Member of netgroups: stg.initd.com
> 
> [root@mipa ~]# ipa netgroup-show stg.initd.com
>   Netgroup name: stg.initd.com
>   Description: ss
>   NIS domain name: stg.initd.com
>   Member Group: admins, ipausers, masteruser, trust admins, webuser
>   Member Hostgroup: sipa-servers, cipa-servers
> 
> However, I re-register the IPA Client and I am able to query netgroup,
> Though it does not shows cipa.stg.initd.com whereas IPA Server query "ipa
> netgroup-show stg.initd.com" has it in list.
> 
> [root@cipa ~]# getent passwd admin
> admin:*:117040:117040:Administrator:/home/admin:/bin/bash
> [root@cipa ~]# getent netgroup stg.initd.com
> stg.initd.com  (sipa.stg.initd.com,-,stg.initd.com)
> [root@cipa ~]#

OK, then we need to see the SSSD logs, but if the client suddently
started working, then I suspect some networking issues.

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Re: [Freeipa-users] SUDO with HostGroup and UserGroup not working

2015-03-23 Thread Yogesh Sharma

Sure Jakub. ++FreeIPA-Users

"getent netgroup" not working on IPA Server

[root@mipa ~]# getent netgroup stg.initd.com
[root@mipa ~]#



[root@mipa ~]# ipa hostgroup-show cipa-servers
  Host-group: cipa-servers
  Description: cipa
  Member hosts: cipa.stg.initd.com
  Member of netgroups: stg.initd.com

[root@mipa ~]# ipa netgroup-show stg.initd.com
  Netgroup name: stg.initd.com
  Description: ss
  NIS domain name: stg.initd.com
  Member Group: admins, ipausers, masteruser, trust admins, webuser
  Member Hostgroup: sipa-servers, cipa-servers

However, I re-register the IPA Client and I am able to query netgroup,
Though it does not shows cipa.stg.initd.com whereas IPA Server query "ipa
netgroup-show stg.initd.com" has it in list.

[root@cipa ~]# getent passwd admin
admin:*:117040:117040:Administrator:/home/admin:/bin/bash
[root@cipa ~]# getent netgroup stg.initd.com
stg.initd.com  (sipa.stg.initd.com,-,stg.initd.com)
[root@cipa ~]#






*Best Regards,__*

*Yogesh Sharma*
*Email: yks0...@gmail.com  | Web: www.initd.in
*

RHCE, VCE-CIA, RackSpace Cloud U
[image: My LinkedIn Profile] 


On Mon, Mar 23, 2015 at 1:21 PM, Jakub Hrozek  wrote:

> On Mon, Mar 23, 2015 at 12:29:03PM +0530, Yogesh Sharma wrote:
> > Thanks Jakub for the reply. Please find the details:
>
> Please keep the replies on the list, if possible. Other users might run
> into the same problem and then the archives become really useful.
>
> >
> > It shows nisdomain but not netgroup:
> >
> > [root@cipa ~]# nisdomainname
> > $NISDOMAINNAME_VALUE
> > [root@cipa ~]# getent netgroup cipa-servers
> > [root@cipa ~]#
> >
> >
> > However , From IPA Server, I am able to query host under netgroup
>
> Can you query the netgroup on the IPA server using getent netgroup?
>
> Can you query users on the IPA client? (getent passwd admin)
>
-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Re: [Freeipa-users] SUDO with HostGroup and UserGroup not working

2015-03-23 Thread Jakub Hrozek

On Mon, Mar 23, 2015 at 12:29:03PM +0530, Yogesh Sharma wrote:
> Thanks Jakub for the reply. Please find the details:

Please keep the replies on the list, if possible. Other users might run
into the same problem and then the archives become really useful.

> 
> It shows nisdomain but not netgroup:
> 
> [root@cipa ~]# nisdomainname
> $NISDOMAINNAME_VALUE
> [root@cipa ~]# getent netgroup cipa-servers
> [root@cipa ~]#
> 
> 
> However , From IPA Server, I am able to query host under netgroup

Can you query the netgroup on the IPA server using getent netgroup?

Can you query users on the IPA client? (getent passwd admin)

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Re: [Freeipa-users] SUDO with HostGroup and UserGroup not working

2015-03-22 Thread Jakub Hrozek

On Mon, Mar 23, 2015 at 12:05:05PM +0530, Yogesh Sharma wrote:
> Hello Team,
> 
> We are doing POC to use IPA server in our Env. When we try to add
> individual host and user in Sudo Rule it work fine whereas we need use
> HostGroup and Usergroup it is not working.
> 
> We have been restricted to use NIS due to others issue with NIS. Please
> suggest a way to fix this.

The first thing I'd look at is whether nisdomainname is correct.

The next thing would be whether 'getent netgroup $hostgroup' reports
the host as a member of that hostgroup.

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

[Freeipa-users] SUDO with HostGroup and UserGroup not working

2015-03-22 Thread Yogesh Sharma

Hello Team,

We are doing POC to use IPA server in our Env. When we try to add
individual host and user in Sudo Rule it work fine whereas we need use
HostGroup and Usergroup it is not working.

We have been restricted to use NIS due to others issue with NIS. Please
suggest a way to fix this.



*Best Regards,__*

*Yogesh Sharma*
-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Re: [Freeipa-users] SUDO with HostGroup and UserGroup not working

Re: [Freeipa-users] SUDO with HostGroup and UserGroup not working

Re: [Freeipa-users] SUDO with HostGroup and UserGroup not working

Re: [Freeipa-users] SUDO with HostGroup and UserGroup not working

Re: [Freeipa-users] SUDO with HostGroup and UserGroup not working

Re: [Freeipa-users] SUDO with HostGroup and UserGroup not working

Re: [Freeipa-users] SUDO with HostGroup and UserGroup not working

Re: [Freeipa-users] SUDO with HostGroup and UserGroup not working

Re: [Freeipa-users] SUDO with HostGroup and UserGroup not working

Re: [Freeipa-users] SUDO with HostGroup and UserGroup not working

[Freeipa-users] SUDO with HostGroup and UserGroup not working

11 matches

Site Navigation

Mail list logo

Footer information