Asif Iqbal wrote:
> Can I user sssd instead of nss-pam-ldapd for sudo authentication
> only and use local sudoers file for rules?
Yes.
Ciao, Michael.
smime.p7s
Description: S/MIME Cryptographic Signature
___
sssd-users mailing list --
On Mon, Oct 16, 2017 at 5:37 PM, Lukas Slebodnik
wrote:
> On (16/10/17 15:16), Asif Iqbal wrote:
> >On Mon, Oct 16, 2017 at 1:17 PM, Asif Iqbal wrote:
> >
> >>
> >> On Fri, Oct 13, 2017 at 6:26 PM, Daniel Corrigan <
> dancorrig...@gmail.com>
> >> wrote:
>
On (16/10/17 15:16), Asif Iqbal wrote:
>On Mon, Oct 16, 2017 at 1:17 PM, Asif Iqbal wrote:
>
>>
>> On Fri, Oct 13, 2017 at 6:26 PM, Daniel Corrigan
>> wrote:
>>
>>> I'm wondering if you have even extended your LDAP schema for sudo. Sudo
>>> rules must
On Mon, Oct 16, 2017 at 1:17 PM, Asif Iqbal wrote:
>
> On Fri, Oct 13, 2017 at 6:26 PM, Daniel Corrigan
> wrote:
>
>> I'm wondering if you have even extended your LDAP schema for sudo. Sudo
>> rules must follow a proper schema in order to be valid.
>>
>
On Fri, Oct 13, 2017 at 6:26 PM, Daniel Corrigan
wrote:
> I'm wondering if you have even extended your LDAP schema for sudo. Sudo
> rules must follow a proper schema in order to be valid.
>
I suppose I will just use local/proxy->local with sudo since IT wont add a
sudo
In our environment, regular users authenticate via sssd/ldap, and
emergency user(s) via PAM if/when sssd + RSA securid fails. Still
running sssd 1.14.2 on el6.
Thanks
On 10/16/2017 11:04 AM, hedr...@rutgers.edu wrote:
On certain servers I want IPA authentication but the local user/group
On certain servers I want IPA authentication but the local user/group database.
With sssd 1.14, I could specify pam as the only service and put files in
/etc/nsswitch.conf. With sssd 1.15, I get extra groups with that setting. I had
to set id_provider=none, which is undocumented. I'd be happy
On 10/14/2017 11:05 AM, Lukas Slebodnik wrote:
On (14/10/17 01:42), Daniel Bryan wrote:
Hello, I noticed some of our users having linux authentication issues
recently. Upon further digging it happened when a GPO was applied to the
same OU these linux servers belonged to. The debug logs said