[sudo-users] uri Vs host in /etc/ldapo.conf
Todd C. Miller
Todd.Miller at courtesan.com
Mon Dec 10 11:33:22 EST 2007
In message <1196972068.5977.45.camel at wade-linux.itiva.com>
so spake Wade Klaver (wadeklaver):
> I had a hell of a time getting sudo to check ldap until I added a
> "host" line to ldap.conf. With just the uri line, it only attempts to
> connect to localhost. If I add a host line, it connects to the server
> listed there. However, the example in the sudo LDAP readme says
> either/or. Below is the ldap.conf and a debugging log. In the example
> below, if I add the line "host skywarp.itivalabs.net", things start
> working.
Actually, 1.6.9p9 _does_ include the uri support after all. Example
debug output:

    LDAP Config Summary
    ===================
    uri          ldap://localhost
    ldap_version 3
    sudoers_base ou=SUDOers,dc=courtesan,dc=com
    binddn       (anonymous)
    bindpw       (anonymous)
    bind_timelimit -1
    timelimit    -1
    ssl          (no)

However, this will only work if your ldap libs support the
ldap_initialize() function. Can you check your config.h file and
see if HAVE_LDAP_INITIALIZE is defined?
I just tested a Fedora 7 machine and configure finds ldap_initialize()
and does define HAVE_LDAP_INITIALIZE correctly. It's still possible
that this is a configure-related problem.
- todd
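
The config.h check requested above, as an added example that is not part of the original message and is not sudo code. The function names are hypothetical, and the uri/host/localhost fallback order is an assumption modelled on the behaviour described in this thread.

```shell
#!/bin/sh
# Added example: reports which LDAP server setting a sudo build would honour,
# given its config.h and an ldap.conf. Function names are hypothetical.

# have_ldap_initialize CONFIG_H
# Succeeds only on an active "#define". When configure does not find the
# function, autoconf leaves "/* #undef HAVE_LDAP_INITIALIZE */" in config.h,
# so a plain grep for the macro name would match in both cases.
have_ldap_initialize() {
    grep -Eq '^[[:space:]]*#[[:space:]]*define[[:space:]]+HAVE_LDAP_INITIALIZE([[:space:]]|$)' "$1"
}

# conf_value LDAP_CONF KEY
# Prints the value of the first non-comment line whose first word is KEY.
conf_value() {
    awk -v key="$2" '
        /^[[:space:]]*#/ { next }
        $1 == key { $1 = ""; sub(/^[[:space:]]+/, ""); print; exit }
    ' "$1"
}

# effective_server CONFIG_H LDAP_CONF
# Assumed model, following the thread: "uri" is usable only when the build
# has ldap_initialize(); otherwise "host" is used; otherwise localhost.
effective_server() {
    uri=$(conf_value "$2" uri)
    host=$(conf_value "$2" host)
    if have_ldap_initialize "$1" && [ -n "$uri" ]; then
        echo "uri:$uri"
    elif [ -n "$host" ]; then
        echo "host:$host"
    else
        echo "default:localhost"
    fi
}

# Usage: sh check.sh /path/to/sudo/config.h /etc/ldap.conf
if [ "$#" -eq 2 ]; then
    effective_server "$1" "$2"
fi
```

A result of `default:localhost` for a file that contains a `uri` line points at the build rather than the configuration.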