Anne Cross wrote:
Hi Anne!
On Thu, 31 Dec 2009, Anne Cross wrote:
As I understood it, you could only use entries in /etc/group as opposed to using LDAP groups (which is what we're after.) Our goal was to not need to manage locally stored files - we might as well manage /etc/sudoers as /etc/group in that instance.
You understood incorrectly. You can use LDAP groups.
Oh wow. You just made my day. Could I ask for an example of how you're defining it inside of a sudoers object? I'd *really* appreciate it. The last time I went digging through the documentation, I couldn't find any examples, and now "assume" is making an idiot out of me.
You don't need to do anything special. Assuming your system is
configured to look in LDAP for groups, you just specify them be
preceding them with an @, just like local groups.
--
389 users mailing list
389-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users
