On Wed, Jul 20, 2016 at 09:27:34AM +0530, Visakh MV wrote: > Hi, > > > first case: As per your direction, things are going well even if we are > facing some issues as well. even like once logged in to ipa-client machine > with ipa user with certain privilege after that while using terminal " TAB" > and " Arrow " keys have not working. due to the same we can not use the > system properly.
I don't think keyboard keys have much to do with IPA. I wonder if the user has the shell you'd expect set or the correct homedir with your shell dotfiles? > > second case: if any policy would have to edit at any certain reason then it > will not update it with at real time, it could take some time to update new > changes. is there any command to update at real time? Depends on what do you need to update. But it's true that sssd caches a lot of information. For user and group data, you can call sss_cache. Please note that invalidating sudo rules with sss_cache was only added to sssd-1.14. > > third case: what are the sudo rule option? > > only one sudo option you have shared across the doc " !authenticate " has > working fine. and it will not take other custom options. > > example: I added one sudo option inside sudo rule like " rootprivilege " > but its showing one error on client machine while checking allowed > commands. I'm afraid you need to enable debugging and look a bit into the logs. We have an upstream sudo troubleshooting guide: https://fedorahosted.org/sssd/wiki/HOWTO_Troubleshoot_SUDO -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project