Thank you for the response. If I may, can you expand more on the sudoers response?
More details from my configuration ... The current setup for me is that all my sudoers rules/commands and groups are defined and stored in the RHEL 7.1 IDM LDAP. When I create the /etc/sudo-ldap.conf (snippet below), I'm still not able to get it working on these 5.5 Linux clients. uri ldap://ldap-server-name/ sudoers_base ou=SUDOers,dc=EXAMPLE,dc=COM binddn uid=sudo,cn=sysaccounts,cn=etc,dc=EXAMPLE,dc=COM bindpw secret_pass bind_timelimit 5 timelimit 15 In your experience, am I missing some other component? PAM Modules? Reference in the /etc/nsswitch.conf? -----Original Message----- From: freeipa-users-boun...@redhat.com [mailto:freeipa-users-boun...@redhat.com] On Behalf Of Jakub Hrozek Sent: Tuesday, November 17, 2015 2:56 AM To: freeipa-users@redhat.com Subject: Re: [Freeipa-users] Oracle Linux 5.5 - Legacy Question On Mon, Nov 16, 2015 at 08:58:37PM +0000, Jeffrey Stormshak wrote: > Greetings --- > I'm in the process of deploying the RHEL 7.1 IDM into my enterprise and we > have a great number of Oracle Linux 5.5 servers. Upon research from Oracle > (ULN Channels) the Linux "ipa-client" was only released for 5.6 and then > upstream. I went ahead and configured the PAM/LDAP authentication method for > 5.5 and so far its working as expected. With that history being said ... > > I'm having difficulty getting TLS and "sudoers" to be managed by the RHEL IDM > to these 5.5 clients. Can anyone share some insight or documentation details > on how to solve these two problems prior to my mass deployment? Any insight > is greatly appreciated. Thanks! Not sure about TLS but sudoers should be managed with their ldap config (there's no sssd, hence to sssd sudo integration..) -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
