LDAP and sudo issue on a Linux box


Issue with sudo: we can log in with an LDAP account but can't run sudo -i. With sudoers debugging turned on, we got the following error:
sudo: user_matches=1
sudo: host_matches=0
sudo: sudo_ldap_lookup(0)=0x40
[sudo] password for edy:

Actually the same configuration works on other hosts.
Debug output on broken-host:
sudo: found:cn=UNIX-Team-root,ou=SUDOers,dc=abc,dc=com
sudo: ldap sudoUser netgroup '+unixadms' ... not

Debug output on working-host:
sudo: found:cn=UNIX-Team-root,ou=SUDOers,dc=abc,dc=com
sudo: ldap sudoUser netgroup '+unixadms' ... MATCH!

It finally turned out to be a domainname issue.
working-host:
$ domainname
abc.com

broken-host:
$ domainname
(none)
Changed the domain name on broken-host with the domainname command:
# domainname abc.com

Then everything works fine.
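
Why the domain name matters, as an added example (not part of the original post): netgroup entries are (host,user,domain) triples, and the domain field is compared with the host's NIS domain name. The sketch below applies that rule to a constructed getent-style line; the triples and the helper names are assumptions, since the post does not show the contents of unixadms.

```shell
#!/bin/sh
# Added example: does USER match a netgroup when the host's NIS domain is DOMAIN?
# Standard triple semantics: an empty field is a wildcard, "-" matches nothing.

# Constructed sample in the format of `getent netgroup unixadms`
# (assumed contents, not taken from the post).
SAMPLE_NETGROUP='unixadms ( ,edy,abc.com) ( ,andy,abc.com) (-,root,)'

# field_matches FIELD VALUE
# Empty FIELD matches anything, "-" matches nothing, otherwise exact compare.
field_matches() {
    case "$1" in
        '') return 0 ;;
        -)  return 1 ;;
        *)  [ "$1" = "$2" ] ;;
    esac
}

# netgroup_user_match GETENT_LINE USER DOMAIN
# Returns 0 if any triple matches USER within DOMAIN. The host field is
# ignored here because sudo evaluates sudoUser and sudoHost separately.
netgroup_user_match() {
    line=$1 user=$2 domain=$3
    # Strip whitespace, emit one "(h,u,d)" triple per line, drop the parens.
    printf '%s\n' "$line" | tr -d ' \t' | grep -o '([^()]*)' | tr -d '()' |
    while IFS=, read -r h u d; do
        if field_matches "$u" "$user" && field_matches "$d" "$domain"; then
            echo match
            break
        fi
    done | grep -q match
}
```

On a live host the same check is netgroup_user_match "$(getent netgroup unixadms)" edy "$(domainname)"; with the domain reported as (none), only triples whose domain field is empty can match. A domain name set with the domainname command lasts until reboot, so it also needs to go into the distribution's persistent network configuration.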

  1. #1 by andy on 2012-01-02 - 18:27

    domainnname
    typo. I think it’s domainname(2 “n”) ;-D

  2. #2 by edyliu on 2012-01-04 - 22:33

    yep. thanks
