[sudo-users] Can't get sudo working with ldap
Justin Albstmeijer
justin at VLAMea.com
Wed Apr 6 05:14:17 EDT 2005
"SudoCommand: (ALL) ALL" should be "sudoCommand: ALL"
A bug in sudoers2ldif?
> Howdy all,
>
> I followed the instructions in the LDAP.readme and everything seemed to
> be going smooth until I actually tried executing sudo. I get the
> following below. Everything on the ldap server shows communication
> between the two servers. Any ideas?
>
> Thanks!
>
> -Matt
>
> ---snip---
>
> orion$ sudo bash
> LDAP Config Summary
> ===================
> host *****************
> port 389
> ldap_version 3
> sudoers_base ou=SUDOers,dc=********,dc=net
> binddn cn=pamclient,ou=SystemAccounts,dc=********,dc=net
> bindpw *****************
> ssl on
> ===================
> ldap_init(************,389)
> ldap_set_option(LDAP_OPT_PROTOCOL_VERSION,0x03)
> ldap_bind() ok
> found:cn=defaults,ou=SUDOers,dc=********,dc=net
> ldap search '(|(sudoUser=mjuszczak)(sudoUser=%users)(sudoUser=%users)(sudoUser=%users)(sudoUser=%admin)(sudoUser=ALL))'
> found:cn=mjuszczak,ou=SUDOers,dc=*********,dc=net
> ldap sudoHost 'orion' ... MATCH!
> ldap sudoCommand '(ALL) ALL' ... not
> ldap search 'sudoUser=+*'
> user_matches=-1
> host_matches=-1
> sudo_ldap_check(0)=0x04
> Password:
> mjuszczak is not in the sudoers file. This incident will be reported.
> orion$
> ____________________________________________________________
> sudo-users mailing list <sudo-users at sudo.ws>
> For list information, options, or to unsubscribe, visit:
> http://www.sudo.ws/mailman/listinfo/sudo-users
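
An added example, not part of the original thread and not code from the sudo project: a small LDIF check for the defect diagnosed in the reply above, a sudoers-style "(runas) command" pair left inside a single sudoCommand value. The sample entries and function names are constructed for illustration; the run-as list is reported separately because sudo's LDAP schema carries it in its own attribute.

```python
import base64
import re

# Constructed sample LDIF (not from the thread): the first entry has the
# defect discussed above, the second the corrected form.
SAMPLE_LDIF = """\
dn: cn=alice,ou=SUDOers,dc=example,dc=net
objectClass: sudoRole
sudoUser: alice
sudoHost: orion
SudoCommand: (ALL) ALL

dn: cn=bob,ou=SUDOers,dc=example,dc=net
objectClass: sudoRole
sudoUser: bob
sudoHost: orion
sudoCommand: ALL
"""

# A sudoers-style "(runas) command" pair left inside one attribute value.
RUNAS_PREFIX = re.compile(r"^\(([^)]*)\)\s*(.+)$")

def unfold(ldif):
    """Join LDIF continuation lines (a line starting with one space)."""
    return re.sub(r"\r?\n ", "", ldif).splitlines()

def find_runas_in_sudocommand(ldif):
    """Return (dn, bad_value, runas_list, command) for each sudoCommand
    value that still carries a sudoers "(runas)" prefix."""
    findings, dn = [], None
    for line in unfold(ldif):
        if not line or line.startswith("#") or ":" not in line:
            continue
        attr, _, value = line.partition(":")
        if value.startswith(":"):            # "attr:: <base64>"
            value = base64.b64decode(value[1:].strip()).decode("utf-8", "replace")
        value = value.strip()
        attr = attr.strip().lower()          # attribute names are case-insensitive
        if attr == "dn":
            dn = value
        elif attr == "sudocommand":
            m = RUNAS_PREFIX.match(value)
            if m:
                findings.append((dn, value, m.group(1).strip(), m.group(2).strip()))
    return findings

if __name__ == "__main__":
    for dn, bad, runas, cmd in find_runas_in_sudocommand(SAMPLE_LDIF):
        print(f"{dn}: sudoCommand '{bad}' -> sudoCommand: {cmd} (run-as list: {runas})")
```
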