Christopher Cashell (topher) wrote,

LDAP + sudo == sysadmin happiness

Using the latest release of sudo, I was finally able to get sudo working with LDAP enabled on RHEL/CentOS 4. Previously, I had no trouble getting sudo working with LDAP on RHEL3 and RHEL5. However, when I added '--with-ldap' to the compile options on RHEL4, it completely broke sudo, preventing it from authenticating anything.

This is a huge win for us at work, because it makes handling sudo configurations significantly easier. Normally, you have to store the configuration in /etc/sudoers on every single box. With this, you can store your sudo configuration in LDAP, and have all of the sudo rules in a single centralized location. Update it once, and all configured machines will then pull it.
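
What such centrally stored rules can look like, as an added example that is not from the original post: it uses sudo's LDAP schema (objectClass sudoRole), and the base DN dc=example,dc=com, the group "sysadmins" and the host names are assumed placeholders.

```ldif
# Constructed example. dc=example,dc=com, the "sysadmins" group and the
# host names are placeholders, not values from the original post.

# Container that holds every sudo rule. Clients locate it through the
# sudoers_base setting in their LDAP client configuration.
dn: ou=SUDOers,dc=example,dc=com
objectClass: top
objectClass: organizationalUnit
ou: SUDOers

# Global options, equivalent to "Defaults env_reset" in /etc/sudoers.
dn: cn=defaults,ou=SUDOers,dc=example,dc=com
objectClass: top
objectClass: sudoRole
cn: defaults
sudoOption: env_reset

# Equivalent to the /etc/sudoers line:
#   %sysadmins web01.example.com, web02.example.com = /sbin/service httpd *
# sudoHost and sudoCommand are scoped on purpose: one directory entry is
# read by every configured machine, so an "ALL" here grants root fleet-wide.
dn: cn=httpd-restart,ou=SUDOers,dc=example,dc=com
objectClass: top
objectClass: sudoRole
cn: httpd-restart
sudoUser: %sysadmins
sudoHost: web01.example.com
sudoHost: web02.example.com
sudoCommand: /sbin/service httpd *
```

Because every client trusts what it reads from this subtree, write access to ou=SUDOers should be limited to directory administrators and clients should query it over TLS.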

I've become a big fan of LDAP, and with sudo supporting it, I think that anyone using LDAP and not storing sudo information in LDAP is crazy.
Tags: linux, system administration, work
