[Samba] howto install sudo schema
shadrock uhuru
niyalevi at gmail.com
Thu Aug 14 11:07:29 MDT 2014
Hi
just this last issue and i'm set to go,
> I use sssd to get the sudo rules from AD and do not index the sudoUser
> attribute, in fact, thinking about it, I don't index anything ;-)
>
> What I had to do was alter the 'nTSecurityDescriptor' attribute on
> 'CN=SUDOers', to allow Domain Computers to access the rules
>
> Rowland
not sure what you mean are your referring to this file
$ cat sudo_user
dn: cn=%wheel,ou=SUDOers, DC=tissisat,DC=co,DC=uk
objectClass: top
objectClass: sudoRole
cn: %wheel
sudoUser: %wheel
sudoHost: ALL
sudoCommand: ALL
specifically to change cn=%wheel and sudoUser: %wheel
dn: cn=%Domain Computers,ou=SUDOers, DC=tissisat,DC=co,DC=uk
objectClass: top
objectClass: sudoRole
cn: %Domain Computers
sudoUser: %Domain Computers
sudoHost: ALL
sudoCommand: ALL
or to change sudoHost: ALL
dn: cn=%wheel,ou=SUDOers, DC=tissisat,DC=co,DC=uk
objectClass: top
objectClass: sudoRole
cn: %wheel
sudoUser: %wheel
sudoHost: +Domain Computers
sudoCommand: ALL
if both are completely wrong could you name and show me
your file that you modified for Domain Computers.
thanks
Shadrock
More information about the samba
mailing list