[sudo-users] sudo does not work....

Mahajan, Mudit Mudit.Mahajan at rbccm.com
Mon Feb 25 19:06:15 EST 2008


Hello Everyone,

 

Can anyone help me out to explain as what does sudo_ldap_check means, I
believe my authentication to LDAP works right but still why type my own
password it does not work. I can login using ssh directly to the box
with my username without any issues...

 

Thanks and Rgds,

 

Mudit

 

sudo -i AAAAAAAAA

LDAP Config Summary

===================

host         XXX.XXX.XXX.XXX

port         XXX

ldap_version 3

sudoers_base ou=somesudo,dc=somewhere,dc= somewhere,dc=com

binddn       cn=someagent,ou=somesudo,dc= somewhere,dc= somewhere,dc=com

bindpw       XXXXXXX

bind_timelimit  10

timelimit    30

===================

ldap_set_option(LDAP_OPT_TIMELIMIT,0x1e)

ldap_set_option(LDAP_OPT_X_OPT_CONNECT_TIMEOUT,0x2710)

ldap_init(XXX.XXX.XXX.XXXX,389)

ldap_set_option(LDAP_OPT_PROTOCOL_VERSION,0x03)

ldap_bind() ok

no default options found!

ldap search
'(|(sudoUser=AAAAAAAA)(sudoUser=%dev)(sudoUser=%dev)(sudoUser=ALL))'

ldap search 'sudoUser=+*'

found:cn=BBBBBBB,ou=SUDOers,dc= somewhere,dc= somewhere,dc=com

ldap sudoUser netgroup '+BBBBBBB ... MATCH!

ldap sudoHost 'ALL' ... MATCH!

ldap sudoCommand 'ALL' ... MATCH!

ldap sudoRunAs 'root' ... MATCH!

Perfect Matched!

user_matches=-1

host_matches=-1

sudo_ldap_check(0)=0x02

 

We trust you have received the usual lecture from the local System

Administrator. It usually boils down to these three things:

 

    #1) Respect the privacy of others.

    #2) Think before you type.

    #3) With great power comes great responsibility.

 

Password:

Sorry, try again.

Password:

sudo: 1 incorrect password attempt

 

______________________________________________________________________

This email is intended only for the use of the individual(s) to whom it is addressed and may be privileged and confidential.
Unauthorised use or disclosure is prohibited.If you receive This e-mail in error, please advise immediately and delete the original message.
This message may have been altered without your or our knowledge and the sender does not accept any liability for any errors or omissions in the message.



More information about the sudo-users mailing list