Progress!
Ok, here is the latest data from the lab.
The compat translation is almost there!!!
* The sudoers container has correctly been moved out to the top of the
tree. I think it only needs 1 small final edit, the sudo ldap default is
to look for: ou=sudoers, rather than what is currently
JR Aquino wrote:
Progress!
Ok, here is the latest data from the lab.
The compat translation is almost there!!!
* The sudoers container has correctly been moved out to the top of the
tree. I think it only needs 1 small final edit, the sudo ldap default is
to look for: ou=sudoers, rather
On Mon, Nov 22, 2010 at 07:18:42PM +, JR Aquino wrote:
On 11/18/10 3:11 PM, Dmitri Pal d...@redhat.com wrote:
JR Aquino wrote:
The IPA SudoRule Structure has largely been based off of what we are
doing
today with HBAC.
HBAC does not distinguish between memberGroup or
On 11/18/10 8:16 AM, Nalin Dahyabhai na...@redhat.com wrote:
snipit
ToDo's:
* Get sudo compat to translate usergroup/posix group's such that it can
prepend a %groupname - notice that it is not fully qualified dn.
If memberUser can point to either a user or a group, and we read a
