Comments on How to Integrate Sudoers with OpenLDAP Server

In this tutorial, you will set up and integrate sudoers to the OpenLDAP server. With this, you will have a centralized user and sudo privileges management on your OpenLDAP server allowing the installation on the client side faster. Any SSSD service on the client machine configured with a sudo authentication source allows OpenLDAP users to execute sudo.

1 Comment(s)

Add comment

Please register in our forum first to comment.

Comments

By: abisko00
Reply  

Fantastic tutorial! I was super happy to have such a guide throught the LDAP settings. On my system (Ubuntu 20.04), the scheme.OpenLDAP was not available anywhere or I couldn't find it. The path to the schemes folder was called /etc/ldap/scheme (not 'openldap'). On the client, my changes in sssd.conf were slightly different as adapted from the ubuntu manpages: not 'sudoers_base' but 'ldap_sudo_search_base'. No changes were required in /etc/nsswitch.conf. Other than that, I could follow every to the point okay, I did change the domain name ;))

Any comment on what the 'homedir_substring' in sssd.conf is doing? Do I need it? My users may use a different home directories (local and server based).

Thanks a lot!