[sudo-users] LDAPS + sudo + AIX 7.1
ace man
kevev at hotmail.com
Mon Oct 21 15:02:52 MDT 2013
I am sorry if I am not allowed to revive an old thread. I noticed today that sudo is not detecting multiple URIs in /etc/ldap.conf.
I tried:
uri ldap://ldapserver1 ldap://ldapserver2
and
uri ldap://ldapserver1
uri ldap://ldapserver2
With the first setup only the first server is used.
Relevant output:
sudo: uri ldap://ldapserver1 ldap://ldapserver2
sudo: ldap_init (ldapserver1 ldapserver2, 389)
With the second setup only the second server is used.
sudo: uri ldap://ldapserver1
sudo: uri ldap://ldapserver2
sudo: ldap_init (ldapserver2, 389)
According to the Sudoers man page I should be able to use either of these stanzas to have sudo attempt to connect to both LDAP servers.
This is the same code setup from this thread if anyone wants history on my AIX setup. Any help would be appreciated. :o)
> Date: Wed, 28 Aug 2013 10:55:20 -0400
> From: syberghost at gmail.com
> To: sudo-users at sudo.ws
> Subject: Re: [sudo-users] LDAPS + sudo + AIX 7.1
>
> On Wed, Aug 28, 2013 at 10:43 AM, Todd C. Miller
> <Todd.Miller at courtesan.com> wrote:
>
> > On Wed, 28 Aug 2013 08:03:54 -0500, ace man wrote:
> >
> > > I figured out my issue. It seems as though sudoers or AIX does not like
> > > special characters in the TLS_KEYPW field.
> > >
> > > My password was like so #TssE!4v
> >
> > That is because '#' is the comment character so anything after the
> > '#' was being ignored.
>
>
> Not a good idea to use # in a password anyway, since on some platforms
> that's the "erase" character when typing.
> ____________________________________________________________
> sudo-users mailing list <sudo-users at sudo.ws>
> For list information, options, or to unsubscribe, visit:
> http://www.sudo.ws/mailman/listinfo/sudo-users
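The '#' truncation described in the quoted reply can be caught before a config is deployed. The following is an added example, not part of the thread and not sudo's own parser: it assumes, as a simplification, that '#' anywhere on a line starts a comment, and the sample config (including ldapserver3 and the password) is constructed.

```python
# Added example: models "anything after '#' is ignored" as a simplification;
# it is not sudo's actual parser.
SECRET_KEYS = {"tls_keypw", "bindpw"}

def scan_ldap_conf(text):
    """Return (findings, uris) for ldap.conf-style text.

    findings: one dict per line that loses text to a '#' comment.
    uris: (lineno, [uri, ...]) for each uri directive, in file order.
    """
    findings, uris = [], []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank line or whole-line comment
        kept, hash_, dropped = line.partition("#")
        parts = kept.split(None, 1)
        key = parts[0].lower()
        value = parts[1].strip() if len(parts) > 1 else ""
        if hash_:
            findings.append({
                "line": lineno,
                "key": key,
                "secret": key in SECRET_KEYS,
                "kept_len": len(value),
                "dropped_len": len(hash_ + dropped),
            })
        if key == "uri":
            uris.append((lineno, value.split()))
    return findings, uris

# Constructed sample; the password is made up for this example.
SAMPLE = """\
# sudo LDAP client settings
uri ldap://ldapserver1 ldap://ldapserver2
uri ldap://ldapserver3   # standby
TLS_KEYPW Ab#cd!9x
"""

if __name__ == "__main__":
    findings, uris = scan_ldap_conf(SAMPLE)
    for f in findings:
        kind = "SECRET TRUNCATED" if f["secret"] else "trailing comment"
        # Lengths only: never echo secret material into logs.
        print(f"line {f['line']}: {f['key']}: {kind}, "
              f"{f['kept_len']} chars kept, {f['dropped_len']} dropped")
    for lineno, hosts in uris:
        print(f"line {lineno}: uri directive with {len(hosts)} URI(s)")
```

A finding with "secret" set and a non-zero "dropped_len" means the key password sudo reads is shorter than the one intended, which matches the failure reported in the thread.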