[sudo-users] LDAPS + sudo + AIX 7.1

Todd C. Miller Todd.Miller at courtesan.com
Tue Oct 22 16:50:34 MDT 2013


On Mon, 21 Oct 2013 16:02:52 -0500, ace man wrote:

> I am sorry if I am not allowed to revive an old thread. I noticed today that
> sudo is not detecting multiple URIs in /etc/ldap.conf.
> 
> I tried:
> 
> uri ldap://ldapserver1 ldap://ldapserver2

That should work OK.  From the debug output I can see that ldap_init()
is being called with both host names.  The IBM LDAP docs state that
multiple hosts are supported so sudo appears to be doing the right
thing there.  Are you not seeing failover to the second server?

> and
> 
> uri ldap://ldapserver1
> uri ldap://ldapserver2

This should work too but there is a bug in the uri parser that
causes only the last one to be added.  That bug will be fixed in
sudo 1.8.9.

 - todd
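
An added example, not part of the original message and not sudo's own code: a shell check that models the two parse behaviours described above (every `uri` line accumulated versus only the last `uri` line kept) and flags an ldap.conf whose earlier servers would be dropped. The function names and sample files are constructed for illustration, and matching the `uri` keyword case-insensitively is an assumption.

```shell
#!/bin/sh
# Added example (not sudo's code). Function names are hypothetical.

# All URIs from every `uri` line, space-separated, in file order.
# Keyword is matched case-insensitively (assumption); "#" lines never match.
uris_accumulated() {
    awk 'tolower($1) == "uri" { for (i = 2; i <= NF; i++) out = out (out ? " " : "") $i }
         END { print out }' "$1"
}

# Only the URIs from the last `uri` line: the behaviour the message
# describes for the parser bug (each new line discards earlier ones).
uris_last_line_only() {
    awk 'tolower($1) == "uri" { out = ""; for (i = 2; i <= NF; i++) out = out (out ? " " : "") $i }
         END { print out }' "$1"
}

# Number of `uri` lines in the file.
uri_line_count() {
    awk 'tolower($1) == "uri" { n++ } END { print n + 0 }' "$1"
}

# Return 0 when both models agree, 1 when servers would be lost.
check_ldap_conf() {
    all=$(uris_accumulated "$1")
    last=$(uris_last_line_only "$1")
    if [ "$all" != "$last" ]; then
        echo "WARN: $(uri_line_count "$1") uri lines in $1; last-line-only parse keeps: $last (configured: $all)"
        return 1
    fi
    echo "OK: $1 -> $all"
    return 0
}

# Constructed samples: the two configuration forms quoted in the message.
demo() {
    d=$(mktemp -d) || return 1
    printf 'uri ldap://ldapserver1 ldap://ldapserver2\n' > "$d/one_line.conf"
    printf 'uri ldap://ldapserver1\nuri ldap://ldapserver2\n' > "$d/two_lines.conf"
    check_ldap_conf "$d/one_line.conf" || true
    check_ldap_conf "$d/two_lines.conf" || true
    rm -rf "$d"
}

demo
```

On an affected host, pointing `check_ldap_conf` at the real ldap.conf shows whether failover servers are silently missing from the effective list; merging the entries onto one `uri` line makes both models agree.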

