
Re: Issue while Centralizing SUDO with OpenLDAP



Hi Buchan,
 
Thanks for your reply. I have tried, but the schema is not getting loaded; I don't know why. I have tried the same setup with CentOS and Red Hat, and it looks perfect.
I am using SuSE Enterprise 11.
 
Regards,
Pradyumna
On Tue, May 17, 2011 at 9:11 AM, Buchan Milne <bgmilne@staff.telkomsa.net> wrote:
On Monday, 16 May 2011 17:38:31 pradyumna dash wrote:
> Hi,
>
> I am trying to achieve centralizing SUDO, but facing an issue. I
> suspect it's something to do with sudoers.schema. Maybe I am wrong. I
> think somehow the slapd process is not able to read it. Please suggest
> how to fix the issue.

[...]

> t710x02-6:/etc/openldap/schema # ldapadd -f /opt/newsudo.ldif -h
> 127.0.0.1 -D cn=Manager,dc=example,dc=com -W -x
> Enter LDAP Password:
> adding new entry "cn=defaults,ou=SUDOers,dc=example,dc=com"
>
> ldap_add: Invalid syntax (21)
>
> additional info: objectClass: value #0 invalid per syntax
>
> sudoers.ldif
> dn: cn=defaults,ou=SUDOers,dc=example,dc=com
> #objectClass: top
> objectClass: sudoRole
> cn: defaults

Please verify that you have actually included the sudoers.schema in your
configuration, and that slapd was restarted after that.

You could check that the objectclass exists in your server. In my case:

$ ldapsearch -x -s base -b cn=subschema objectclasses|perl -p0e 's/\n //g' |
grep -i sudo
objectClasses: ( 1.3.6.1.4.1.15953.9.2.1 NAME 'sudoRole' DESC 'Sudoer Entries'
SUP top STRUCTURAL MUST cn MAY ( sudoUser $ sudoHost $ sudoCommand $ sudoRunAs
$ sudoOption $ description ) )


Regards,
Buchan
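
The subschema check suggested above can be scripted so an LDIF file is validated against the server's loaded objectClasses before running ldapadd. This is an added example, not part of the original thread; the function names and the `top` definition in the sample are constructed, and in practice `SUBSCHEMA` would be the saved output of the ldapsearch command shown in the reply.

```python
import re

# Constructed sample of folded `ldapsearch -b cn=subschema objectclasses` output.
SUBSCHEMA = (
    "dn: cn=Subschema\n"
    "objectClasses: ( 2.5.6.0 NAME 'top' ABSTRACT MUST objectClass )\n"
    "objectClasses: ( 1.3.6.1.4.1.15953.9.2.1 NAME 'sudoRole' DESC 'Sudoer Entr\n"
    " ies' SUP top STRUCTURAL MUST cn MAY ( sudoUser $ sudoHost $ sudoCommand $\n"
    "  sudoRunAs $ sudoOption $ description ) )\n"
)
# The entry from the thread's sudoers.ldif.
ENTRY = ("dn: cn=defaults,ou=SUDOers,dc=example,dc=com\n#objectClass: top\n"
         "objectClass: sudoRole\ncn: defaults\n")

def unfold(ldif):
    # Join LDIF continuation lines (newline + one space), as the perl one-liner does.
    return re.sub(r"\n ", "", ldif)

def _names(spec, keyword):
    # Names after KEYWORD: either a single token or a "( a $ b )" list.
    m = re.search(r"\b%s\s+(?:\(([^)]*)\)|(\S+))" % keyword, spec)
    if not m:
        return []
    raw = m.group(1) or m.group(2) or ""
    return [n.strip("'") for n in re.split(r"[\s$]+", raw.strip()) if n]

def server_objectclasses(subschema_ldif):
    # Map lower-cased objectClass name -> list of MUST attribute names.
    classes = {}
    for line in unfold(subschema_ldif).splitlines():
        if line.lower().startswith("objectclasses:"):
            spec = re.sub(r"DESC\s+'[^']*'", "", line)  # DESC text is free-form
            for name in _names(spec, "NAME"):
                classes[name.lower()] = [a.lower() for a in _names(spec, "MUST")]
    return classes

def check_entry(entry_ldif, classes):
    # Report objectClasses the server does not know and missing MUST attributes.
    attrs = {}
    for line in unfold(entry_ldif).splitlines():
        if line and not line.startswith("#") and ":" in line:
            key, _, value = line.partition(":")
            attrs.setdefault(key.lower(), []).append(value.strip())
    problems = []
    for oc in attrs.get("objectclass", []):
        if oc.lower() not in classes:
            problems.append("objectClass %s not in server schema" % oc)
            continue
        problems += ["%s requires attribute %s" % (oc, a) for a in classes[oc.lower()] if a not in attrs]
    return problems
```

An empty result from `check_entry(ENTRY, server_objectclasses(SUBSCHEMA))` means every objectClass in the entry is defined on the server; a "not in server schema" result points at a schema file that slapd has not loaded.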