Christopher Cashell (topher) wrote,
Christopher Cashell
topher
  • Mood: accomplished

LDAP + sudo == sysadmin happiness

Using the latest release of sudo, I was finally able to get sudo working with LDAP enabled on RHEL/CentOS 4. Previously, I had no trouble getting sudo working with LDAP on RHEL3 and RHEL5. However, when I added '--with-ldap' to the compile options on RHEL4, it completely broke sudo, preventing it from authenticating anything.

This is a huge win for us at work, because it makes handling sudo configurations significantly easier. Normally, you have to store the configuration in /etc/sudoers on every single box. With this, you can store your sudo configuration in LDAP, and have all of the sudo rules in a single centralized location. Update it once, and all configured machines will then pull it.

I've become a big fan of LDAP, and with sudo supporting it, I think that anyone using LDAP and not storing sudo information in LDAP is crazy.
Tags: linux, system administration, work
Subscribe

  • Google Buzz.

    This is a (probably temporary) post to attempt to integrate my LiveJournal into Google Buzz.

  • The BEST player in College Football in 2009: Ndamukong Suh

    A lot of people have trouble understanding how good Ndamukong Suh, the Defensive Tackle for the Nebraska Cornhuskers really is. There aren't many…

  • Customer Service done wrong.

    So, after having finally purchased a house, I went to get cable and Internet setup. Like most of the country, I live in an unfortunate area where…

  • Post a new comment

    Error

    Anonymous comments are disabled in this journal

    switch
    default userpic

    Your reply will be screened

    Your IP address will be recorded 

    Help
  • 6 comments