On 02/25/2012 05:46 PM, JR Aquino wrote:
> On Feb 25, 2012, at 1:59 PM, "Marco Pizzoli" <
marco.pizzoli@gmail.com<mailto:
marco.pizzoli@gmail.com>> wrote:
>
> Hi guys,
> I had a look at this guide [1] but I'm not understanding the presented use-case.
>
> - I see that I have to add in /etc/nsswitch.conf the line "sudoers: files ldap".
> -> I'm telling sudo to check rules via ldap
>
>
> Yes. This doc was written before sssd or sudo had support for one another.
>
> - I have to add in sssd.conf the directive "ldap_netgroup_search_base = cn=ng,cn=compat,dc=example,dc=com"
> -> I'm telling sssd where to search for netgroups
>
>
> This is my fault, this too was documented prior to the default. This is no longer necessary.
>
> - I have to edit the file nslcd.conf and insert all ldap related stuff necessary to access the ldap server.
>
> This come my question: why do I have to split my conf between sssd.conf and nslcd.conf ?
>
>
> Because only the newest sudo version has support and it is not yet available In rhel...
>
>
> Can't I use directly sssd.conf and use it as sole tool/conf to access the ldap server?
> What am I missing?
>
>
> Again. Docs were written before any form of sssd support for sudo. I will see if I can locate any formal docs on which versions, and what configs are necessary.
>
>
> Thanks a lot as usual
> Marco
>
This is not yet even in Fedora. 1.8 is not released yet, it is in beta.