On Mon, 07 Mar 2016, Zoske, Fabian wrote:
Hi,
I looked in the sudo_debug log and found the following line:
Mar 7 11:00:08 sudo[31293] <- new_logline @ ./logging.c:867 := user NOT authorized
on host ; TTY=pts/1 ; PWD=/home//f.zoske ; USER=root ; COMMAND=/bin/bash
On our IPA-Server I have
oko...@redhat.com]
Gesendet: Montag, 7. März 2016 09:55
An: Zoske, Fabian
Cc: freeipa-users@redhat.com
Betreff: Re: [Freeipa-users] SSSD does not fetch Sudo Rules anymore
On Mon, 07 Mar 2016, Zoske, Fabian wrote:
>Thank you for your explanation.
>
>I looked in the sssd_.log and found the
On Mon, 07 Mar 2016, Zoske, Fabian wrote:
Thank you for your explanation.
I looked in the sssd_.log and found the actual LDAP-Filter.
The problem seems to be the first part again:
(&(objectclass=sudoRole)(entryUSN>=485025)(!(entryUSN=485025))).
In the LDAP-Tree I can't see any attribute named
problem?
Best regards,
Fabian
-Ursprüngliche Nachricht-
Von: Alexander Bokovoy [mailto:aboko...@redhat.com]
Gesendet: Montag, 7. März 2016 09:07
An: Zoske, Fabian
Cc: freeipa-users@redhat.com
Betreff: Re: [Freeipa-users] SSSD does not fetch Sudo Rules anymore
On Mon, 07 Mar 2016, Zoske,
On Mon, 07 Mar 2016, Zoske, Fabian wrote:
Hi,
in our environment server (ipa-server-4.2.0-15.el7_2.6.x86_64 and
sssd-1.13.0-40.el7_2.1.x86_64 on CentOS 7.2) and client
(ipa-client-4.2.0-15.el7_2.6.x86_64 and sssd-1.13.0-40.el7_2.1.x86_64
on CentOS 7.2) SUDO rules doesn’t get fetched anymore.
Hi,
in our environment server (ipa-server-4.2.0-15.el7_2.6.x86_64 and
sssd-1.13.0-40.el7_2.1.x86_64 on CentOS 7.2) and client
(ipa-client-4.2.0-15.el7_2.6.x86_64 and sssd-1.13.0-40.el7_2.1.x86_64 on CentOS
7.2) SUDO rules doesn’t get fetched anymore.
I debugged SSSD and SUDO and found out,