[sudo-users] Can't get sudo working with ldap

Matt Juszczak matt at atopia.net
Wed Apr 6 05:41:57 EDT 2005


Yep, I think so :)

On Wed, 6 Apr 2005, Justin Albstmeijer wrote:

> "SudoCommand: (ALL) ALL" should be "sudoCommand: ALL"
>
> A bug in sudoers2ldif?
>
>> Howdy all,
>>
>> I followed the instructions in the LDAP.readme and everything seemed to
>> be going smooth until I actually tried executing sudo.  I get the
>> following below.  Everything on the ldap server shows communication
>> between the two servers.  Any ideas?
>>
>> Thanks!
>>
>> -Matt
>>
>> ---snip---
>>
>> orion$ sudo bash
>> LDAP Config Summary
>> ===================
>> host         *****************
>> port         389
>> ldap_version 3
>> sudoers_base ou=SUDOers,dc=********,dc=net
>> binddn       cn=pamclient,ou=SystemAccounts,dc=********,dc=net
>> bindpw       *****************
>> ssl          on
>> ===================
>> ldap_init(************,389)
>> ldap_set_option(LDAP_OPT_PROTOCOL_VERSION,0x03)
>> ldap_bind() ok
>> found:cn=defaults,ou=SUDOers,dc=********,dc=net
>> ldap search '(|(sudoUser=mjuszczak)(sudoUser=%users)(sudoUser=%users)(sudoUser=%users)(sudoUser=%admin)(sudoUser=ALL))'
>> found:cn=mjuszczak,ou=SUDOers,dc=*********,dc=net
>> ldap sudoHost 'orion' ... MATCH!
>> ldap sudoCommand '(ALL) ALL' ... not
>> ldap search 'sudoUser=+*'
>> user_matches=-1
>> host_matches=-1
>> sudo_ldap_check(0)=0x04
>> Password:
>> mjuszczak is not in the sudoers file.  This incident will be reported.
>> orion$
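
A check for the condition identified in this thread, added here as an example and not part of the original messages or of sudo itself: it scans LDIF for sudoCommand values that still carry a sudoers run-as prefix such as "(ALL)", which the debug output above shows failing to match. The sample LDIF, its DNs and the function names are constructed for illustration; base64-encoded values are not decoded.

```python
import re

# Constructed sample LDIF modelled on the entry in the debug output above;
# the DNs and the second, well-formed entry are made up for illustration.
SAMPLE_LDIF = """\
dn: cn=mjuszczak,ou=SUDOers,dc=example,dc=net
objectClass: sudoRole
cn: mjuszczak
sudoUser: mjuszczak
sudoHost: orion
sudoCommand: (ALL) ALL

dn: cn=%admin,ou=SUDOers,dc=example,dc=net
objectClass: sudoRole
cn: %admin
sudoUser: %admin
sudoHost: ALL
sudoRunAs: ALL
sudoCommand: ALL
"""

# A sudoers run-as spec such as "(ALL)" or "(root)" left in front of the command.
RUNAS_PREFIX = re.compile(r"^\((?P<runas>[^)]*)\)\s*(?P<command>.+)$")

def parse_ldif(text):
    """Yield (dn, [(attr, value), ...]) per entry; unfolds continuation lines."""
    unfolded = re.sub(r"\n ", "", text)
    for block in re.split(r"\n\s*\n", unfolded.strip()):
        pairs = [line.split(":", 1) for line in block.splitlines()
                 if ":" in line and not line.startswith("#")]
        attrs = [(k.strip(), v.strip()) for k, v in pairs]
        dn = next((v for k, v in attrs if k.lower() == "dn"), None)
        if dn:
            yield dn, attrs

def find_bad_sudo_commands(text):
    """Return (dn, value, runas, command) for each sudoCommand with a runas prefix."""
    findings = []
    for dn, attrs in parse_ldif(text):
        for attr, value in attrs:
            m = RUNAS_PREFIX.match(value) if attr.lower() == "sudocommand" else None
            if m:
                findings.append((dn, value, m["runas"], m["command"]))
    return findings

if __name__ == "__main__":
    for dn, value, runas, command in find_bad_sudo_commands(SAMPLE_LDIF):
        print(f"{dn}: sudoCommand '{value}' -> sudoCommand: {command} (runas was '{runas}')")
```

Each finding gives the command part that belongs in sudoCommand on its own; the run-as part belongs in the schema's sudoRunAs attribute instead.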


