Home Man
Today's Posts

Discuss UNIX and Linux software applications. This includes SQL, Databases, Middleware, MOM, SOA, EDA, CEP, BI, BPM and similar topics.

LDAP - sudoers and the nopasswd flag - How can i set some commands for wheelgroup without password?

Login to Reply

Thread Tools Search this Thread
# 1  
Old 03-19-2016
LDAP - sudoers and the nopasswd flag - How can i set some commands for wheelgroup without password?


we use LDAP with sudoers about 4 years. Works fine. But we have one problem with members of the admingroup (wheel). This users can do every command with sudo and with there privat password. But when they also are member to another special group, like sysadmin:
Sysadmin is allowed to use the commands, systemctl, reboot, shutdown, and a couple of other commands without password.
They must nevertheless always enter their password.

The goal is that admins they are in the wheelgroup and also members from some other sudogroups, they can execute there commands without password. Is this possible in LDAP?

Here some config:

dn	                cn=defaults,ou=SUDOers,ou=Anwendungen,dc=osit,dc=cc
cn	                defaults
description 	sudoOption's
objectClass	sudoRole
sudoOption	!root_sudo

dn	               cn=%wheel,ou=SUDOers,ou=Anwendungen,dc=osit,dc=cc
cn	               %wheel
description 	Superadmingroup
objectClass	sudoRole
sudoCommand	ALL
sudoHost	        ALL
sudoUser	        %wheel

dn	                cn=portage,ou=SUDOers,ou=Anwendungen,dc=osit,dc=cc
cn	                portage
description 	Mitglieder können auf allen Gentoos die Paketverwaltung bedienen.
objectClass	sudoRole
sudoCommand	/usr/bin/emerge
sudoHost	        ALL
sudoOption	!authenticate
sudoUser	        %portage

The importand option here is !authenticate. With this i can say "execute command without password".

Thanks a lot for helping!
Best Regards

Last edited by Scrutinizer; 03-19-2016 at 12:43 PM.. Reason: Changed noparse to code tags
Login to Reply

« Previous Thread | Next Thread »
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

More UNIX and Linux Forum Topics You Might Find Helpful
Thread Thread Starter Forum Replies Last Post
Problem using sudo with NOPASSWD aigini82 HP-UX 3 04-12-2016 04:17 AM
changing which password is prompted for in sudoers thmnetwork Red Hat 0 10-12-2012 08:11 AM
How to configure sudoers in order to hide some sudo commands. fefafefa Linux 0 04-28-2012 07:16 PM
[SOLVED] LDAP Constraint Violation while changing password henryford UNIX for Advanced & Expert Users 0 04-03-2012 10:40 AM
setting password in ldap programAngel UNIX for Advanced & Expert Users 0 01-13-2011 05:14 AM
How to reset the ldap root password? ungalnanban UNIX for Advanced & Expert Users 0 12-20-2010 12:24 AM
Problems Hooking Sudoers into PAM/LDAP bluethundr UNIX and Linux Applications 2 11-10-2010 11:33 AM
changing user password as root on LDAP client SOl10/u7 ilikecows Solaris 1 08-05-2009 09:18 AM
LDAP user password reset script em23 Solaris 1 12-29-2008 06:02 AM
sudoers file with groups in LDAP em23 Solaris 6 11-13-2008 11:10 PM

All times are GMT -4. The time now is 11:52 PM.

Unix & Linux Forums Content CopyrightŠ1993-2018. All Rights Reserved.
Show Password