[Samba] [Solved] Samba 4 sudoers

L.P.H. van Belle belle at bazuin.nl
Thu Apr 21 06:40:46 UTC 2016 

Hai John, 

Well yeah, im always up in to new things.. :-) 
And thanks in advance for shareing your config. 

Greetz, 

Louis



> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens John Gardeniers
> Verzonden: donderdag 21 april 2016 7:40
> Aan: samba at lists.samba.org
> Onderwerp: [Samba] [Solved] Samba 4 sudoers
> 
> Good news, I now have this working. Once I finish writing my notes I'll
> make them available to whoever might want them. Just to clarify things a
> bit, here is what we have and what we wanted:
> 
> * Linux users are authenticated by the Samba 4 domain controllers via
> SSSD, which itself uses LDAP.
> * As we are a development house, we have a rather complex set of
> users/groups/permissions on the numerous servers. We wanted to manage
> this centrally via Active Directory, without touching the sudoers file
> on the Linux side.
> * As of now, on a test domain which is functionally a replica of our
> production domain, we are able to manage sudo permissions on our AD
> users and groups via a combination of ADSI Edit and ADUC.
> 
> ADSI Edit is used only to create a new rule, which we then edit in ADUC.
> As I am the only member of our team who has ever dealt with Active
> Directory before we are looking for any GUI tool which can make this a
> bit more intuitive, as the native Linux speakers aren't overly
> comfortable with the aforementioned tools. If you know of any we'd like
> to know.
> 
> A bit more testing and we can copy this to production. :)
> 
> regards,
> John
> 
> 
> On 20/04/16 14:18, John Gardeniers wrote:
> > Has anyone here managed to get sudo working with Samba 4 AD users,
> > using either ldap or sssd, with sssd preferred? If so, can you please
> > point me in the direction of whatever instructions you used? It seems
> > like there are a bunch of tutorials on the subject, each with
> > different, and sometimes conflicting, information but none of those
> > I've tried work for me.
> >
> > regards,
> > John
> >
> >
> 
> 
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list