Solved

ldap with visudo support

Posted on 2010-09-03
5
714 Views
Last Modified: 2013-12-24
Hello

I need to setup ldap for our environment, as we are tired or adding / removing users on each server. therefore ldap will come handy.

I need to know if it is possible to control visudo permissions from ldap? therefore we could alter visudo on one server & it will propagate to other servers.

Thank you
0
Comment
Question by:atigris
  • 3
  • 2
5 Comments
 
LVL 68

Accepted Solution

by:
woolmilkporc earned 500 total points
ID: 33595684
Hi,
here is a nice manual/HOWTO.
http://www.sudo.ws/sudo/sudoers.ldap.man.html
wmp
0
 
LVL 2

Author Comment

by:atigris
ID: 33605794
thanks for the link woolmilkporc, do I have to add anything to the openldap server to support this feature? or this feature it is supported by default?

from the article I understand that  I need it to change settings in the following files to support this feature.

/etc/ldap.conf
LDAP configuration file

/etc/nsswitch.conf
determines sudoers source order

/etc/openldap/schema
create a sudo schema for ldap users

I have been once told  that I need to re-compile ldap with visudo support for this feature to work! I'm not sure if that is true?

Thanks
0
 
LVL 68

Expert Comment

by:woolmilkporc
ID: 33606110
>> do I have to add anything to the openldap server <<
Of course the schema you mentioned, but nothing else, afaik.

You don't need to recompile LDAP, but you must recomple sudo to support LDAP, if you don't have an LDAP enabled binary version anyway.

And what do you mean with "visudo" support?
Since you don't need a sudoers file, you don't need "visudo" either.
I never heard that editing the LDAP entries by means of "visudo" should be possible.

The README.LDAP recommends using LDAP browsers for this.

Here it is: http://www.sudo.ws/sudo/readme_ldap.html

Good luck!

wmp
0
 
LVL 2

Author Comment

by:atigris
ID: 33716818
Still working on it, I will get back to you on this soon. Thanks woolmilkporc:
0
 
LVL 2

Author Closing Comment

by:atigris
ID: 33719287
got it all figured out!
0

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
lunix and unix command 21 86
ORA-02288: invalid OPEN mode 2 56
How to prevent deleting SQL tables thru FE Application? 20 85
Post Clonezilla image restore issue 6 35
CCModeler offers a way to enter basic information like entities, attributes and relationships and export them as yEd or erviz diagram. It also can import existing Access or SQL Server tables with relationships.
Using SQL Scripts we can save all the SQL queries as files that we use very frequently on our database later point of time. This is one of the feature present under SQL Workshop in Oracle Application Express.
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question