[sudo-users] sudoers and winbind
Boomer Brainfood
boomer at brainfood.homelinux.org
Mon Jul 12 10:34:13 EDT 2010
Hello everybody,
my company want's to integrate all Unix servers into active directory.
For "normal" account management I decided more or less to go down the
winbind route.
To have all information in one place, we also want to put sudoers in the AD.
Now the question is, how can I access the information ?
I don't think, winbind can provide sudoers information.
So, I guess I have to maintin a separate ldap.conf for sudo.
But, how does sudo authenticate to the LDAP server (the user is
authenticated using pam and thus through winbind (unless NOPASSWD is
defined))
- somebody told me that AD doesn't support anonymous queries
- if anonymous queries are possible, then sudoers becomes world-readable,
which is different from the local filesystem
Sincerely
Bernhard
--
Minds are like parachutes
They only function when open
More information about the sudo-users
mailing list