Hi Jakub, Thanks but I have sudo working OK. What I am trying make work is HBAC. That I canĀ¹t get to work with the proxy hack. Is there a way to do that?
Thanks, Warren ___________________ Warren Birnbaum : Infrastructure Services Digital Linux Infrastructure Services Europe CDT Techn. Operations Nike Inc. : Mobile +31 6 23902697 On 2/15/16, 11:31 AM, "freeipa-users-boun...@redhat.com on behalf of Jakub Hrozek" <freeipa-users-boun...@redhat.com on behalf of jhro...@redhat.com> wrote: >On Mon, Feb 15, 2016 at 09:34:33AM +0000, Birnbaum, Warren (ETW) wrote: >> Hello, >> >> I would like to get freeipa to work with a proxy solution ( I currently >>have this working with an active directory/no trust authentication and >>sudo but no HBAC) including HBAC. I can get sudo to work but not HBAC. >>I see there is a ticket for this as a new enhancement #4634 but wanted >>to confirm that there isn't another way to accomplish this. >> >> Here is my current configuration for proxy and this works OK: > >I've used the proxy hack to enable sudo for local (=/etc/passwd) users >with LDAP sudoers and it just worked. Can you try following: > https://fedorahosted.org/sssd/wiki/HOWTO_Troubleshoot_SUDO >and see which part does not work? > >-- >Manage your subscription for the Freeipa-users mailing list: >https://www.redhat.com/mailman/listinfo/freeipa-users >Go to http://freeipa.org for more info on the project -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project