On Fri, May 18, 2012 at 02:35:18PM -0700, Gelen James wrote: > Hi all, > Are the sudo rules applied to IPA clients through nss_ldap, instead of > sssd?
Neither :-) sudo looks up the user information via the standard name-service-switch maps, so if your machine is configured to fetch user and group information using the sss NSS module in nsswitch.conf, then the requests get to sssd. As Stephen Ingram pointed out elsewhere in this thread, sudo only reads the nss_ldap/nss-pam-ldapd config files but establishes the connection to the LDAP server and fetches the data on its own. _______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
