On Feb 25, 2012, at 1:59 PM, "Marco Pizzoli" <marco.pizz...@gmail.com<mailto:marco.pizz...@gmail.com>> wrote:
Hi guys, I had a look at this guide [1] but I'm not understanding the presented use-case. - I see that I have to add in /etc/nsswitch.conf the line "sudoers: files ldap". -> I'm telling sudo to check rules via ldap Yes. This doc was written before sssd or sudo had support for one another. - I have to add in sssd.conf the directive "ldap_netgroup_search_base = cn=ng,cn=compat,dc=example,dc=com" -> I'm telling sssd where to search for netgroups This is my fault, this too was documented prior to the default. This is no longer necessary. - I have to edit the file nslcd.conf and insert all ldap related stuff necessary to access the ldap server. This come my question: why do I have to split my conf between sssd.conf and nslcd.conf ? Because only the newest sudo version has support and it is not yet available In rhel... Can't I use directly sssd.conf and use it as sole tool/conf to access the ldap server? What am I missing? Again. Docs were written before any form of sssd support for sudo. I will see if I can locate any formal docs on which versions, and what configs are necessary. Thanks a lot as usual Marco [1] http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Identity_Management_Guide/example-configuring-sudo.html#Setting_up_sudo_Rules-Client_Configuration_for_sudo_Rules _______________________________________________ sssd-devel mailing list sssd-devel@lists.fedorahosted.org<mailto:sssd-devel@lists.fedorahosted.org> https://fedorahosted.org/mailman/listinfo/sssd-devel _______________________________________________ sssd-devel mailing list sssd-devel@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/sssd-devel