Re: [Freeipa-users] Managing Sudo through FreeIPA

2012-11-08 Thread William Muriithi
Dmitri, > > The SODO integration is evolving so it important to know what OS and > version you are on. > I would assume you are on RHEL6.3 or equivalent. That's correct. I am on RHEL6.3 equivalent > There are two main ways to integrate SUDO with IPA. One with SSSD > integration and another witho

Re: [Freeipa-users] Managing Sudo through FreeIPA

2012-11-08 Thread William Muriithi
Steven, Thanks for the pointers. I remember finding a post on this, but having problem finding it now > > I assume rhel6.3 by the el6 in the rpm > > 1) Make sure the host and IPA server are fully patched/updated. I am current already > 2) Edit nsswitch.conf to have "sudoers: files ldap" as th

Re: [Freeipa-users] Managing Sudo through FreeIPA

2012-11-08 Thread JR Aquino
If you go to the CLI on the FreeIPA server and type: ipa sudorule It will give you some useful info. I believe you asked about the sudo user (which your log shows as currently unset, and configured as anonymous) Here is a snipit: -=-=-=-=-=- ... FreeIPA provides a designated binddn to use wit

Re: [Freeipa-users] Managing Sudo through FreeIPA

2012-11-08 Thread William Muriithi
FYI Got it working, credit to JR for pointing I need to assign a password to sudo account on LDAP and use it for binding. Thanks a lot William On 8 November 2012 12:11, William Muriithi wrote: > Steven, > > Thanks for the pointers. I remember finding a post on this, but having > problem findin

Re: [Freeipa-users] Managing Sudo through FreeIPA

2012-11-08 Thread Dmitri Pal
On 11/08/2012 01:15 PM, William Muriithi wrote: > FYI > > Got it working, credit to JR for pointing I need to assign a password > to sudo account on LDAP and use it for binding. Great to hear! > Thanks a lot > > William > > On 8 November 2012 12:11, William Muriithi wrote: >> Steven, >> >> Thank