[sudo-users] LDAP issue.

J. techchavez at gmail.com
Wed May 13 12:11:55 EDT 2009


Hello list,
Is there anything I need to do to get SUDO to work against an LDAP
server other than OpenLDAP using RHEL 5?
Do I possibly need to use the --with-ldap with a different directory or path?
I have built sudo with these configure options:
configure --prefix=/usr/local/sudo --with-ldap
--with-ldap-conf-file=/etc/sudoers.ldap.
This works great from my Solaris clients against a Fedora Directory server.

However on RHEL 5 it does not.
I am getting a "sudo: No valid sudoers sources found, exiting"
This happens even though I have added "sudoers: ldap" to /etc/nsswitch.conf.

If I specify files only in nsswitch, then I get a prompt and when
I enter the password it says
"Sorry try again" 3 times immediately.
I understand this is most likely a PAM issue because I saw a reply to
a previous post saying that the way to fix this is to copy sample.pam
to /etc/pam.d/sudo. This however did not fix it.
I am less concerned with this than the LDAP not being recognized as a
valid source.

What I have done on the RHEL box...
added sudoers: ldap   to nsswitch.conf
added the following to /etc/sudoers.ldap.
host hostname
sudoers_base ou=SUDOers,o=ORG

Also the RHEL box works fine as an LDAP client. Any ideas?

Thanks
