==== on domain controller ======= [nathan.peters@dc2 ~]$ getent group deployment_engineer [nathan.peters@dc2 ~]$ getent group sysadmins [nathan.peters@dc2 ~]$ id nathan.peters uid=756600344(nathan.peters) gid=756600344(nathan.peters) groups=756600344(nathan.peters),756600000(admins) [nathan.peters@dc2 ~]$
===== on client ===== [nathan.peters@kafka1 ~]$ id nathan.peters uid=756600344(nathan.peters) gid=756600344(nathan.peters) groups=756600344(nathan.peters),756600000(admins) [nathan.peters@kafka1 ~]$ getent group deployment_engineer [nathan.peters@kafka1 ~]$ getent group sysadmins -----Original Message----- From: Lukas Slebodnik [mailto:[email protected]] Sent: Monday, June 13, 2016 1:54 PM To: Nathan Peters Cc: [email protected] Subject: Re: [Freeipa-users] [FreeIPA 4.3.0] CentOS 6.8 sudo fails On (13/06/16 20:24), Nathan Peters wrote: >Taking a second look at the sudo debugging logs : it looks like it >can't figure out that I'm in the right group ? > >According to : >https://fedorahosted.org/sssd/wiki/HOWTO_Troubleshoot_SUDO >those next 2 lines should be true ? > That's exactly a reason why I asked for output of ipa commands for groups deployment_engineer and sysadmins. What is and output of: * id nathan.peters * getent group deployment_engineer * getent group sysadmins You might try to run it on ipa server and ipa client(CentOS 6.8) LS -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
