Lukas Slebodnik wrote: > On (08/11/17 16:01), Andrea Passuello wrote: >> Hi all, >> I use SSSD with OpenLDAP and I am able to authenticate users. >> I am trying to configure SSSD for managing and caching sudo but I can't use >> sudo and the system reply me with this: >> >> Sorry, user xxx is not allowed to execute '/usr/bin/apt-get update' as root >> on MACHINE. >> > A) ensure that you have right version of sudo installed on debian/ubuntu > It need to be compiled with sssd support > sudo --version | grep sssd For whatever reason Debian has to different sudo packages: sudo - Provide limited super user privileges to specific users sudo-ldap - Provide limited super user privileges to specific users
For "sudoers: sss" in nsswitch.conf you need package "sudo" and *not* "sudo-ldap" even if you have your sudoers entries in LDAP directory. Ciao, Michael.
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ sssd-users mailing list -- sssd-users@lists.fedorahosted.org To unsubscribe send an email to sssd-users-le...@lists.fedorahosted.org