sudo groups in PAM LDAP

Aaron Spangler as at
Wed Feb 18 16:33:21 EST 2004

If you use Sudo 1.6.8 or higher, you can have it lookup sudo privileges 
through LDAP. (instead of or in addition to /etc/sudoers).  
You can group your users through UNIX groups or Netgroups.  If you are using 
NSS_LDAP then your groups & netgroups can be stored in LDAP.  (See RFC 2307)

Currently this version of sudo can only be got from CVS.  (See the sudo web 
page on how to download the code through CVS).

Also when you configure sudo, do it like this
./configure --with-pam --with-ldap

Make sure to view the 'README.LDAP' file and let me know if you have any

  - Aaron

On Wednesday 18 February 2004 11:09 pm, Ezsra McDonald wrote:
> I have gotten sudo compiled and it seems to work with
> pam ldap.
> BUT, I use groups to give different levels of access
> to users. Does sudo use the ldap groups?
> I can only get it to work with the local group file.
> --Ezsra
> __________________________________
> Do you Yahoo!?
> Yahoo! Mail SpamGuard - Read only the mail you want.
> ____________________________________________________________
> sudo-users mailing list <sudo-users at>
> For list information, options, or to unsubscribe, visit:

More information about the sudo-users mailing list