bertho
August 3, 2022, 4:45pm
1
Hello,
I configured 2 servers with sudo right from Active Directory user group.
The first server is ok but not the second and i don’t understand why.
I created a file /etc/sudoers.d/domain_admins
In the file, il put the following line :
%Smygroup@domain.tld ALL=(ALL) ALL
As i said before, it works fine on the first server but not on the second.
I can’t connect with the AD users but not sudo.
If someone has an idea on what i can check…
Thanks a lot.
bertho
bertho
August 3, 2022, 4:48pm
2
I also tried with
%Smygroup@domain.tld ALL=(ALL) NOPASSWD:ALL
and it work with no password
To be more accurate, if i use
%Smygroup@domain.tld ALL=(ALL) ALL
the system ask for a password but says that the password is incorrect (i’m sure about the password)
Regards,
bertho
cotxi
August 10, 2022, 11:00am
3
Have you tried to use just %Smygroup ALL=(ALL) ALL
?
I may be wrong but if your system is properly synced with AD it should work this way
bertho
August 29, 2022, 7:10am
4
Hello,
Sorry for the delay, i’m back from my holidays…
Yes, i tried it, same result…
I’m using the NOPASSWD option while waiting to find a solution.
Thank you
Bertrand
How is the AD set up? Using sssd? I guess you are logging in with the AD user and that works? Does /etc/sssd/sssd,conf look OK?
Is this result of this command OK?
getent group Smygroup@domain.tld
Are your user in this group?
id youruser | grep Smygroup@domain.tld