Re: Issue while Centralizing SUDO with OpenLDAP
On Friday, 20 May 2011, 14:35:31, pradyumna dash wrote:
> Hi Buchan,
>
> Thanks for your reply. I have tried but the schema is not getting
> loaded, don't know why.
How did you try adding the schema? What error messages did you get? Are
you using slapd.conf or back-config?
> I have tried the same setup with centos and
> redhat it looks perfect.
> I am using SuSE Enterprise 11.
>
> Regards,
> Pradyumna
>
> On Tue, May 17, 2011 at 9:11 AM, Buchan Milne <bgmilne@staff.telkomsa.net> wrote:
> > On Monday, 16 May 2011 17:38:31 pradyumna dash wrote:
> > > Hi,
> > >
> > > I am trying to achieve centralizing SUDO, but facing an issue, I
> > > suspect it's something to do with sudoers.schema. Maybe I am wrong.
> > > I think somehow the slapd process is not able to read it. Please
> > > suggest how to fix the issue.
> >
> > [...]
> >
> > > t710x02-6:/etc/openldap/schema # ldapadd -f /opt/newsudo.ldif -h
> > > 127.0.0.1 -D cn=Manager,dc=example,dc=com -W -x
> > > Enter LDAP Password:
> > > adding new entry "cn=defaults,ou=SUDOers,dc=example,dc=com"
> > >
> > > ldap_add: Invalid syntax (21)
> > >
> > > additional info: objectClass: value #0 invalid per syntax
> > >
> > > sudoers.ldif
> > > dn: cn=defaults,ou=SUDOers,dc=example,dc=com
> > > #objectClass: top
> > > objectClass: sudoRole
> > > cn: defaults
> >
> > Please verify that you have actually included the sudoers.schema in
> > your configuration, and that slapd was restarted after that.
> >
> > You could check that the objectclass exists in your server. In my
> > case:
> >
> > $ ldapsearch -x -s base -b cn=subschema objectclasses | perl -p0e 's/\n //g' | grep -i sudo
> > objectClasses: ( 1.3.6.1.4.1.15953.9.2.1 NAME 'sudoRole' DESC
> > 'Sudoer Entries'
> > SUP top STRUCTURAL MUST cn MAY ( sudoUser $ sudoHost $ sudoCommand $
> > sudoRunAs
> > $ sudoOption $ description ) )
Ralf
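
The subschema check suggested in the quoted reply, extended to compare every objectClass used in an LDIF file against what the server actually defines. This is an added example, not part of the original thread; the function names, file names and the abbreviated subschema sample are assumptions made for illustration.

```shell
# Added example. Input is saved output of:
#   ldapsearch -x -s base -b cn=subschema objectclasses

# Join LDIF continuation lines (newline followed by one space), like the perl one-liner.
unfold_ldif() {
    awk 'NR > 1 && /^ / { buf = buf substr($0, 2); next }
         NR > 1 { print buf }
         { buf = $0 }
         END { if (NR) print buf }'
}

# Print every object class name defined in subschema output on stdin, lowercased.
schema_classes() {
    unfold_ldif | awk -v q="'" '
        function emit(s) { gsub(q, "", s); print tolower(s) }
        tolower($1) == "objectclasses:" {
            for (i = 2; i <= NF; i++) if ($i == "NAME") {
                j = i + 1
                if ($j == "(") { for (j++; j <= NF && $j != ")"; j++) emit($j) }
                else emit($j)
                break
            }
        }'
}

# $1 = LDIF to be added, $2 = saved subschema output.
# Prints each objectClass used in the LDIF that the server schema does not define.
missing_classes() {
    known=$(schema_classes < "$2")
    unfold_ldif < "$1" |
        awk -F': *' 'tolower($1) == "objectclass" { print tolower($2) }' | sort -u |
        while read -r oc; do
            printf '%s\n' "$known" | grep -qxF -- "$oc" || printf '%s\n' "$oc"
        done
}

# Constructed sample data: the entry from the thread and an abbreviated, folded
# subschema reply, once without and once with the sudoRole definition.
write_samples() {
    printf '%s\n' 'dn: cn=defaults,ou=SUDOers,dc=example,dc=com' '#objectClass: top' \
        'objectClass: sudoRole' 'cn: defaults' > "$1/new.ldif"
    printf '%s\n' "objectClasses: ( 2.5.6.0 NAME 'top' ABSTRACT MUST objectClass )" \
        > "$1/without.out"
    { cat "$1/without.out"
      printf '%s\n' "objectClasses: ( 1.3.6.1.4.1.15953.9.2.1 NAME 'sudo" \
          " Role' DESC 'Sudoer Entries' SUP top STRUCTURAL MUST cn )"; } > "$1/with.out"
}
```

Running missing_classes /opt/newsudo.ldif against the saved subschema output before ldapadd lists any class the server does not know; empty output means every objectClass in the file is defined.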