On Mon, Nov 24, 2014 at 8:38 PM, William Muriithi
william.murii...@gmail.com wrote:
Evening,
After looking at almost all the SUDO documentation I could find, it looks
one has to hardcode FreeIPA hostname on sssd.conf file. Below is what red
hat advice to add in sssd config file.
services
Implications of adding above is that SUDO would break if the
hardcoded ipa is not available even if there is another replica somewhere
in the network. Is that correct assumption?
Is there a better way of doing it that I have missed?
Which version of sssd do you have?
sssd = 1.10 has native
List more than 1 LDAP sever in you config then.
ldap_uri, ldap_backup_uri (string)
Specifies the comma-separated list of URIs of the LDAP servers to which
SSSD should connect in the order of preference. Refer to the FAILOVER
section for more information on failover and server redundancy. If
Evening,After looking at almost all the SUDO documentation I could find, it looks one has to hardcode FreeIPA hostname on sssd.conf file. Below is what red hat advice to add in sssd config file.services = nss, pam, ssh, pac, sudo [domain/idm.coe.muc.redhat.com] sudo_provider = ldap ldap_uri =
List more than 1 LDAP sever in you config then.
ldap_uri, ldap_backup_uri (string)
Specifies the comma-separated list of URIs of the LDAP servers to which
SSSD should connect in the order of preference. Refer to the FAILOVER
section for more information on failover and server redundancy. If