[sudo-users] LDAP & Sudo

Stanley, Jon Jon.Stanley at savvis.net
Mon Jul 2 08:03:31 EDT 2007

In order to successfully build LDAP clients, you'd need the openldap
andx openldap-devel RPM's.  In order to use PAM with ldap, you'd need

Also, openldap will obviously have to be configured to use yoxur LDAP
server.  Openldap-clients may also be helpful for debugging, however not
really necessary.

-----Original Message-----
From: sudo-users-bounces at courtesan.com
[mailto:sudo-users-bounces at courtesan.com] On Behalf Of Andy Loughran
Sent: Monday, July 02, 2007 1:21 AM
To: sudo-users at sudo.ws
Subject: [sudo-users] LDAP & Sudo

Hi guys, I'm new to the list so please don't bite!

I've followed the following howto to setup sudo on RHEL with the LDAP
server @ localhost, and everything works great.


However, I use the same LDAP server to authenticate users on two other
machines - and I need to be able to read their details off LDAP for sudo
- like I do on the machine local to LDAP.

When compiling sudo --with-ldap, and --with-pam it fails on the client
#gcc -c -I. -I.  -O2 -D_PATH_SUDOERS=\"/etc/sudoers\"
-DSUDOERS_MODE=0440  ldap.c
#ldap.c:52:18: error: lber.h: No such file or directory
#ldap.c:54:18: error: ldap.h: No such file or directory
#ldap.c: In function 'sudo_ldap_check_user_netgroup':

I notice that the --with-ldap flag also has the option of setting a
directory.  Does that mean it'll only work where the LDAP server is on
the same machine as the sudoers config?


Andy Loughran
m: 07921076319

sudo-users mailing list <sudo-users at sudo.ws>
For list information, options, or to unsubscribe, visit:

More information about the sudo-users mailing list