On Thu, Sep 17, 2015 at 11:42:54AM +0000, Andy Thompson wrote: > I've narrowed it down a bit doing some testing. The sudo rules work when I > remove the user group restriction from them. My sudo rules all have my ad > groups in the rule > > Rule name: ad_linux_admins > Enabled: TRUE > Host category: all > Command category: all > RunAs User category: all > RunAs Group category: all > User Groups: ad_linux_admins <- if I remove this then the rule gets applied
Nice catch. Is the group visible after you login and run id? What is the exact IPA server version? -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
