[Samba] howto install sudo schema

shadrock uhuru niyalevi at gmail.com
Wed Aug 13 18:07:47 MDT 2014

i have modified the schema by deleting the

changetype: modify
add: schemaUpdateNow
schemaUpdateNow: 1

and i have moved the "dn: CN=sudoRole,CN=Schema,CN=Configuration,DC=X"
section to a separate ldif file.

my domain is tissisat.co.uk,
should i change all references to DC from DC=X  to 
DC=tissisat,DC=co,DC=uk ?

> I use sssd to get the sudo rules from AD and do not index the sudoUser 
> attribute, in fact, thinking about it, I don't index anything ;-)
> What I had to do was alter the 'nTSecurityDescriptor' attribute on 
> 'CN=SUDOers', to allow Domain Computers to access the rules
> Rowland

not sure what you mean but i assume your referring to

$ cat sudo_user

    dn: cn=%wheel,ou=SUDOers, DC=tissisat,DC=co,DC=uk
    objectClass: top
    objectClass: sudoRole
    cn: %wheel
    sudoUser: %wheel
    sudoHost: ALL
    sudoCommand: ALL

specifically cn=%wheel and sudoUser: %wheel


More information about the samba mailing list