[sudo-users] objectClass=sudoRule vs objectClass=sudoRole in AD

Todd C. Miller Todd.Miller at courtesan.com
Fri Oct 11 09:14:06 MDT 2013

On Fri, 11 Oct 2013 09:56:50 -0400, Curtis.CTR.Roze at faa.gov wrote:

> No I don't. I didn't know anything about it.

You shouldn't need to set it.  I just don't see how you could end
up with a query that uses objectClass=sudoRule unless an explicit
filter was used.

If you set:

sudoers_debug 2

in ldap.conf you should be able to see the queries sudo is making.

 - todd

More information about the sudo-users mailing list