[Samba] Sudo rules in samba with winbind

Martin Krämer mk.maddin at gmail.com
Fri Apr 12 14:12:53 UTC 2019

Hello All,

I am currently changing my samba linux clients (Debian) from sssd binding
to winbind.
With sssd I had all sudo rules within the samba active directory.
The configuration was based on:

Is there some guideline like the one mentioned available/has someone
already experience with this for winbind based clients?
Within the conversation I found that Rowland was trying to setup something
like this but seemed to have problems with "k5start". Well, I still have
problems with the basics since based on
https://manpages.debian.org/stretch/sudo-ldap/sudoers.ldap.5.en.html I need
to configure /etc/nsswitch.conf.
I decided for test to just keep "*sudoers: ldap*"
As soon as I change this I recieve the following error (based on my test
independently what I define within /etc/sudo-ldap.conf:

*user at cd2bd668e00c7:~$ sudo -v*
*sudo: no valid sudoers sources found, quitting*
*sudo: unable to initialize policy plugin*

Thanks for help & hints


More information about the samba mailing list