[Samba] howto install sudo schema

shadrock uhuru niyalevi at gmail.com
Sat Aug 16 21:46:12 MDT 2014

Hi all
i have added the sudo attribute ldif and sudo class ldif files without
the following has also been added without errors.

dn: cn=%wheel_rule,ou=SUDOers,DC=tissisat,DC=co,DC=uk
objectClass: top
objectClass: sudoRole
cn: %wheel
sudoUser: %wheel
sudoHost: ALL
sudoCommand: ALL

using the info here
i tried to set the acl which gave me these errors

$ sudo samba-tool dsacl set -H /etc/samba/private/sam.ldb
--objectdn="OU=SUDOers,dc=tissisat,dc=co,dc=uk " --sddl="(A;CI;RPLCRC;;;DC)"
ERROR(ldb): uncaught exception - NULL Base DN invalid for a base search
  File "/usr/lib/python2.7/site-packages/samba/netcmd/__init__.py", line
175, in _run
    return self.run(*args, **kwargs)
  File "/usr/lib/python2.7/site-packages/samba/netcmd/dsacl.py", line
163, in run
    sid = self.find_trustee_sid(samdb, trusteedn)
  File "/usr/lib/python2.7/site-packages/samba/netcmd/dsacl.py", line
88, in find_trustee_sid

$ sudo ldbedit -e nano -H /etc/samba/private/sam.ldb -b
'(&(objectClass=organizationalUnit)(ou=sudoers))' nTSecurityDescriptor
no matching records - cannot edit


could you detail the ldbsearch commands to list the attribute and class
details to check that the records have been added correctly ?
what is the right Base DN to set the acl ?


More information about the samba mailing list