On 13 October 2017 at 22:49, Asif Iqbal wrote: > > > On Fri, Oct 13, 2017 at 5:06 PM, John Beranek <[email protected]> wrote: >> >> On 13 October 2017 at 19:28, Asif Iqbal wrote: >> > Hi All >> >
>> > >> > (&(objectClass=mnetperson)(|(sudoUser=ALL)(name=defaults)(uid=iqbala)(sudoUser=#408462)(sudoUser=%iqbala)(sudoUser=+*))) >> > >> > How do I change the config to search like above? >> >> The search it's doing is to retrieve sudo rule objects from the >> directory, as defined in e.g. >> https://www.sudo.ws/man/1.8.17/sudoers.ldap.man.html >> >> Each LDAP object is equivalent to a line in a sudoers file. > > > I do not manage LDAP server, IT does and ldapsearch shows there is no > sudoRole or any sudo* objectclass. > > So that means I cannot use sudo for SSSD? The LDAP directory will typically need the schema adding, including for Active Directory ( http://jhrozek.livejournal.com/3860.html ) - so, yes, you need the cooperation of the LDAP administrators in IT. John _______________________________________________ sssd-users mailing list -- [email protected] To unsubscribe send an email to [email protected]
