Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: sudoers file with groups in LDAP
Operating Systems Solaris sudoers file with groups in LDAP Post 302258086 by Perderabo on Thursday 13th of November 2008 09:16:45 PM
Old 11-13-2008
We do this all the time but we don't use NIS, just LDAP. I have noticed some language at Sun's site that the two don't mix. Only one I can find right now: passwd(1) - change login password and password attributes (man pages section 1: User Commands) - Sun Microsystems

Quote:
If all requirements are met, by default, the passwd command will consult /etc/nsswitch.conf to determine in which repositories to perform password update. It searches the passwd and passwd_compat entries. The sources (repositories) associated with these entries will be updated. However, the password update configurations supported are limited to the following cases. Failure to comply with the configurations will prevent users from logging onto the system. The password update configurations are:

passwd: files

passwd: files ldap

passwd: files nis

passwd: files nisplus

passwd: compat (==> files nis)

passwd: compat (==> files ldap)

passwd_compat: ldap

passwd: compat (==> files nisplus)

passwd_compat: nisplus
 

10 More Discussions You Might Find Interesting

1. Linux

sudoers file

Hi, I have edited 'sudoers' file to allow 'cads' user shutdown the system without providing a password. Can someone tell me what's wrong with my file? It's not working when I 'sudo SHUTDOWN' command: sudo: SHUTDOWN: command not found Thanks a lot! # Host alias specification... (4 Replies)
Discussion started by: whatisthis
4 Replies

2. Red Hat

LDAP auth, secondary groups doesnt works

RedHat ELS 5.2 & Sun directory getent passwd: works toto:*:1000:100:toto:/home/toto:/bin/bash getent group: works mygroup:*:10001:1000,1001 but id toto doesnt works :( uid=1000(toto) gid=100(users) groupes=100(users) BTW in /etc/ldap.conf i use a different mapping for the posix... (4 Replies)
Discussion started by: sncr24
4 Replies

3. Linux

Secondary groups not working with NFS (+LDAP)

I´m using LDAP for groups and NFS for home dirs. My problem is as follows: I only have a few groups, so it's not the problem everyone else had. When I've mounted a disk over NFS, I need to have my primary group in order to read in the groups I'm a member of. Secondary groups is not working. ... (0 Replies)
Discussion started by: velmont
0 Replies

4. UNIX for Advanced & Expert Users

sudoers file

i have defined a rule in the sudoers file so a specific user is able to run some commands as sudo with no password. my question is: is it possible to restrict a user to run commands as sudo only in a certain directory? for example: chown only the files that are located in /var/tmp. Thank you. ... (2 Replies)
Discussion started by: noam128
2 Replies

5. UNIX and Linux Applications

Problems Hooking Sudoers into PAM/LDAP

Greetings!! I am attempting to solve a rather thorny issue and I was hoping that someone might have some insight into what is going on here.. At this point I have an openLDAP server that is working quite splendidly! :) I have a working directory with users able to authenticate it and TLS... (2 Replies)
Discussion started by: bluethundr
2 Replies

6. Shell Programming and Scripting

Addsudoers: A script to add users or groups into /etc/sudoers

Well, sudo is a great tool for delegating permissions among admins. But, it's really hard to find a great tool which would give an interactive way of editing /etc/sudoers file. Now, when I say "editing", I really refer to add new groups, users, aliases in the /etc/sudoers file. visudo is great... (2 Replies)
Discussion started by: admin_xor
2 Replies

7. UNIX for Dummies Questions & Answers

ldap , search groups that user belong

i want run query to identify witch groups that user A belong, CN=name,CN=Users,DC=mydomain ?? (1 Reply)
Discussion started by: prpkrk
1 Replies

8. UNIX for Dummies Questions & Answers

Help with Sudoers file

Hi using Solaris 10. trying to update /etc/sudoers file I need to add all the fist level operation team. This is what I have but it doesn't seem to work. Please help.Error message sudo su - >>> sudoers file: parse error, line 9 <<< >>> sudoers file: parse error, line 9 <<< ... (2 Replies)
Discussion started by: samnyc
2 Replies

9. Solaris

Sudoers file

In the sudoers file in Solaris... I am trying to limit the DEVELOPER user privileges to where those users can only use the “rm” command in certain directories. This is to prevent them from deleting directories or files and destroying a server. I want them to be able to use the "rm" command but... (1 Reply)
Discussion started by: nzonefx
1 Replies

10. UNIX and Linux Applications

LDAP - sudoers and the nopasswd flag - How can i set some commands for wheelgroup without password?

Hello :) we use LDAP with sudoers about 4 years. Works fine. But we have one problem with members of the admingroup (wheel). This users can do every command with sudo and with there privat password. But when they also are member to another special group, like sysadmin: Sysadmin is allowed to... (0 Replies)
Discussion started by: darktux
0 Replies

LEARN ABOUT DEBIAN

cvsd-passwd

cvsd-passwd(8)						      System Manager's Manual						    cvsd-passwd(8)

NAME

       cvsd-passwd - generate password entries for repositories

SYNOPSIS

       cvsd-passwd REPOS [+|-]NAME...

DESCRIPTION

       cvsd-passwd adds, updates or deletes users from repository passwd files for use with cvsd.

OPTIONS

       REPOS  Specify  the  directory in which the repository is located. This argument can be the top of the repository, the CVSROOT directory or
	      even the passwd file in the CVSROOT directory.

       [+]USER[:SUSER]
	      Add or update the user to the CVSROOT/passwd file.  If the user does not exist a password for the user is  asked	and  the  user	is
	      added for use with cvsd.	If the user already exists a password for is asked and the password field is modified.

	      The :SUSER part can be user to change or set mapping to a system user.  If you do not specify anything, a reasonable default is used
	      based upon your cvsd configuration.  If you don't want to map the user to any specified system user you can specify an  empty  SUSER
	      and use 'USER:'.

       -USER  Remove the user from the CVSROOT/passwd file.

EXAMPLES

       Add an anoncvs user to access the given repository:
	   cvsd-passwd /var/lib/cvsd/myrepos +anoncvs
       If the user already exists, change the password.

       Remove a user from the repository passwd list:
	   cvsd-passwd /var/lib/cvsd/myrepos -foo

       Add a user and specify that cvs should remap this user to the joe system user:
	   cvsd-passwd /var/lib/cvsd/myrepos joecvs:joe
       Note that the user joe should be known in the system passwd file and that cvsd should be run as root or user joe for this to work.

SEE ALSO

       cvsd(8)

AUTHOR

       Arthur de Jong <arthur@arthurdejong.org>.

Version 1.0.24							     Jun 2012							    cvsd-passwd(8)
All times are GMT -4. The time now is 04:20 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy