Thanks, that helps! I mistyped binddn and bindpw
----- Mail original ----- De: "Lukasz Jaworski" <[email protected]> À: "Nicolas Zin" <[email protected]> Cc: [email protected] Envoyé: Mardi 17 Février 2015 13:31:20 Objet: Re: [Freeipa-users] issues with sudo on RHEL5.8 > > With a RHEL7 IDM installation, I try to make sudo working. > On RHEL6 no problem (via sssd) > On RHEL5.8 I don't manage to make it working (credential are good, I manage > to request the schema, see below) > Where can I found more logs? > What did I forget? > [root@srv-rhel58-01 ~]# cat /etc/nss_ldap.conf > bindn uid=sudo,cn=sysaccounts,cn=etc,dc=company,dc=com > binpw redhat5Sudo > ssl start_tls > tls_cacertfile /etc/openldap/cacerts/ipa.crt > #tls_cacert /etc/openldap/cacerts/ipa.crt > tls_checkpeer yes > #uri ldap://srv-idm7-01.company.com, ldap://srv-idm7-02.company.com > uri ldap://srv-idm7-01.company.com > sudoers_base ou=SUDOers,dc=company,dc=com > sudoers_debug: 2 change last line (remove ":") to: sudoers_debug 2 And then try sudo. Check: /etc/nsswitch.conf should be: sudoers: files ldap Best regards, Ender -- Łukasz Jaworski -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project
