[sudo-users] AIX SUDO with LDAP
Todd C. Miller
Todd.Miller at courtesan.com
Mon Sep 23 13:54:41 MDT 2013
On Mon, 23 Sep 2013 13:17:59 -0600, Harold Gutierrez wrote:
> Actually SUDO with LDAP in AIX use OpenLDAP not the base libraries. We
> already have SUDO LDAP version 1.6.9 working in AIX. But we need to upgrade
> to version 1.7 at least because sudoOrder was implemented in this version.
Actually, sudo's LDAP support can use either OpenLDAP or the
IBM/Tivoli LDAP libraries.
You should be able to build your own SUDO LDAP packages using the
mkpkg script that comes with sudo as long as you have a C compiler
and a few other development tools.
./mkpkg --flavor=ldap --with-aixauth --platform=rpm \
would built an rpm packages that uses AIX authentication and OpenLDAP
libraries and includes installed under /opt/openldap (adjust the
path as needed). If you want to use PAM instead just replace the
--with-aixauth with --with-pam.
More information about the sudo-users