Home Forums OS X Server and Client Discussion Questions and Answers Is it possible to distribute sudoers in Open Directory?

Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • February 3, 2010 at 12:41 am #377936
    danmmr
    Participant

    Sorry, I just realized I should have placed this in the open directory forum. Can someone move it?

    Hello,

    Is it possible to have a sudoers list shared in Open Directory among Linux and Mac clients? I know it is possible in OpenLDAP: http://www.gratisoft.us/sudo/man/sudoers.ldap.html

    I have searched online but can’t find out if Open Directory (OSX server) explicitly supports this or not. I have found this page and I am thinking it applies to this problem:

    https://www.afp548.com/article.php?story=20060228230005854

    If not, I can distribute sudoers via a different method (would rather not). Also I am assuming that sudo on Linux or OSX should be ldap aware (i.e. knows about ldap groups). I know this is the case when I used Fedora Directory services.

    Thanks

    Daniel

    February 16, 2010 at 8:36 pm #377986
    tlarkin
    Participant

    You can maybe put them in the admin group via dscl and some scripting. I am not sure how well LDAP talks to each other from OS X to another platform, so my experience on the topic is a bit novice at best. By default dscl points to the local BSD database but you can point it to any LDAP server in OD to get OD user/groups. You could easily add a group of users to the admin group, which would grant them sudo. Not sure how well it would work though because my environment here at work is 100% OD.

  • Author
    Posts
Viewing 2 posts - 1 through 2 (of 2 total)
  • You must be logged in to reply to this topic.

Comments are closed

Copyright © 2025 AFP548. All Rights Reserved.