Reference schema.ActiveDirectory

Todd C. Miller
2008-05-10 13:18:47 +00:00
parent 1da320979c
commit 64c5738ec9
5 changed files with 37 additions and 30 deletions


@@ -142,13 +142,13 @@ LIB_OBJS = @LIBOBJS@
VERSION = 1.7.0 VERSION = 1.7.0
DISTFILES = $(SRCS) $(HDRS) ChangeLog HISTORY INSTALL INSTALL.configure \ DISTFILES = $(SRCS) $(HDRS) ChangeLog HISTORY INSTALL INSTALL.configure \
LICENSE Makefile.in PORTING README README.LDAP \ LICENSE Makefile.in PORTING README README.LDAP TROUBLESHOOTING \
TROUBLESHOOTING UPGRADE WHATSNEW aclocal.m4 acsite.m4 aixcrypt.exp \ UPGRADE WHATSNEW aclocal.m4 acsite.m4 aixcrypt.exp config.guess \
config.guess config.h.in config.sub configure configure.in \ config.h.in config.sub configure configure.in def_data.in \
def_data.in indent.pro install-sh ltmain.sh mkdefaults \ indent.pro install-sh ltmain.sh mkdefaults mkinstalldirs \
mkinstalldirs pathnames.h.in sample.pam sample.syslog.conf \ pathnames.h.in sample.pam sample.syslog.conf sample.sudoers \
sample.sudoers schema.OpenLDAP schema.iPlanet sudo.cat \ schema.ActiveDirectory schema.OpenLDAP schema.iPlanet sudo.cat \
sudo.man.in sudo.pod sudo.psf sudo_usage.h.in sudoers sudoers.cat \ sudo.man.in sudo.pod sudo.psf sudo_usage.h.in sudoers sudoers.cat \
sudoers.man.in sudoers.pod sudoers.ldap.cat sudoers.ldap.man.in \ sudoers.man.in sudoers.pod sudoers.ldap.cat sudoers.ldap.man.in \
sudoers.ldap.pod sudoers2ldif visudo.cat visudo.man.in visudo.pod \ sudoers.ldap.pod sudoers2ldif visudo.cat visudo.man.in visudo.pod \
auth/API auth/API
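Review bot: the only functional change in this DISTFILES hunk is the new schema.ActiveDirectory entry, but the list has been re-wrapped, so six continuation lines differ and the addition is hard to spot. Adding the file name without re-flowing the neighbouring lines would keep the diff to a single line. Also, none of the five file sections shown on this page is schema.ActiveDirectory itself, so please confirm the file is already in the tree; otherwise the dist target would reference a file that does not exist.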


@@ -87,6 +87,11 @@ replacing example.com with your domain:
serviceSearchDescriptor: sudoers: ou=sudoers,dc=example,dc=com serviceSearchDescriptor: sudoers: ou=sudoers,dc=example,dc=com
If using an Active Directory server, copy schema.ActiveDirectory
to your Windows domain controller and run the following command:
ldifde -i -f schema.ActiveDirectory -c dc=X dc=example,dc=com
Importing /etc/sudoers into LDAP Importing /etc/sudoers into LDAP
================================ ================================
Importing sudoers is a two-step process. Importing sudoers is a two-step process.
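Review bot: the added ldifde paragraph does not repeat the "replacing example.com with your domain" instruction that introduces the preceding block, so a reader may run the command with dc=example,dc=com verbatim. Suggest stating that "-c dc=X dc=example,dc=com" rewrites the dc=X placeholder in the schema file and that the second DN must be the local domain's. It would also help to say which account rights the import needs on the domain controller, since extending the Active Directory schema is a forest-wide change.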


@@ -61,7 +61,7 @@ DDEESSCCRRIIPPTTIIOONN
1.7.0 May 2, 2008 1 1.7.0 May 10, 2008 1
@@ -127,7 +127,7 @@ SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4)
1.7.0 May 2, 2008 2 1.7.0 May 10, 2008 2
@@ -193,7 +193,7 @@ SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4)
1.7.0 May 2, 2008 3 1.7.0 May 10, 2008 3
@@ -238,9 +238,10 @@ SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4)
on your LDAP server. In addition, be sure to index the 'sudoUser' on your LDAP server. In addition, be sure to index the 'sudoUser'
attribute. attribute.
Two versions of the schema, one for OpenLDAP servers (_s_c_h_e_m_a_._O_p_e_n_L_D_A_P) Three versions of the schema: one for OpenLDAP servers (_s_c_h_e_m_a_._O_p_e_n_L_-
and another for Netscape-derived servers (_s_c_h_e_m_a_._i_P_l_a_n_e_t), may be found _D_A_P), one for Netscape-derived servers (_s_c_h_e_m_a_._i_P_l_a_n_e_t), and one for
in the ssuuddoo distribution. Microsoft Active Directory (_s_c_h_e_m_a_._A_c_t_i_v_e_D_i_r_e_c_t_o_r_y) may be found in the
ssuuddoo distribution.
The schema for ssuuddoo in OpenLDAP form is included in the EXAMPLES sec- The schema for ssuuddoo in OpenLDAP form is included in the EXAMPLES sec-
tion. tion.
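Review bot: in the regenerated paragraph the file name is now hyphenated across two lines (schema.OpenL- / DAP), which makes it harder to search for or copy from the formatted page. Since this file is formatter output, the fix belongs in the manual source, for example by rewording the sentence so that the file name is not split at the line end.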
@@ -255,11 +256,10 @@ SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4)
Also note that on systems using the OpenLDAP libraries, default values Also note that on systems using the OpenLDAP libraries, default values
specified in _/_e_t_c_/_o_p_e_n_l_d_a_p_/_l_d_a_p_._c_o_n_f or the user's _._l_d_a_p_r_c files are specified in _/_e_t_c_/_o_p_e_n_l_d_a_p_/_l_d_a_p_._c_o_n_f or the user's _._l_d_a_p_r_c files are
not used.
1.7.0 May 2, 2008 4 1.7.0 May 10, 2008 4
@@ -268,6 +268,8 @@ SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4)
SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4) SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4)
not used.
Only those options explicitly listed in _/_e_t_c_/_l_d_a_p_._c_o_n_f that are sup- Only those options explicitly listed in _/_e_t_c_/_l_d_a_p_._c_o_n_f that are sup-
ported by ssuuddoo are honored. Configuration options are listed below in ported by ssuuddoo are honored. Configuration options are listed below in
upper case but are parsed in a case-independent manner. upper case but are parsed in a case-independent manner.
@@ -323,9 +325,7 @@ SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4)
1.7.0 May 10, 2008 5
1.7.0 May 2, 2008 5
@@ -391,7 +391,7 @@ SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4)
1.7.0 May 2, 2008 6 1.7.0 May 10, 2008 6
@@ -457,7 +457,7 @@ SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4)
1.7.0 May 2, 2008 7 1.7.0 May 10, 2008 7
@@ -523,7 +523,7 @@ EEXXAAMMPPLLEESS
1.7.0 May 2, 2008 8 1.7.0 May 10, 2008 8
@@ -589,7 +589,7 @@ SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4)
1.7.0 May 2, 2008 9 1.7.0 May 10, 2008 9
@@ -655,7 +655,7 @@ SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4)
1.7.0 May 2, 2008 10 1.7.0 May 10, 2008 10
@@ -721,7 +721,7 @@ CCAAVVEEAATTSS
1.7.0 May 2, 2008 11 1.7.0 May 10, 2008 11
@@ -787,6 +787,6 @@ DDIISSCCLLAAIIMMEERR
1.7.0 May 2, 2008 12 1.7.0 May 10, 2008 12


@@ -146,7 +146,7 @@
.\" ======================================================================== .\" ========================================================================
.\" .\"
.IX Title "SUDOERS.LDAP @mansectform@" .IX Title "SUDOERS.LDAP @mansectform@"
.TH SUDOERS.LDAP @mansectform@ "May 2, 2008" "1.7.0" "MAINTENANCE COMMANDS" .TH SUDOERS.LDAP @mansectform@ "May 10, 2008" "1.7.0" "MAINTENANCE COMMANDS"
.SH "NAME" .SH "NAME"
sudoers.ldap \- sudo LDAP configuration sudoers.ldap \- sudo LDAP configuration
.SH "DESCRIPTION" .SH "DESCRIPTION"
@@ -349,8 +349,9 @@ In order to use \fBsudo\fR's \s-1LDAP\s0 support, the \fBsudo\fR schema must be
installed on your \s-1LDAP\s0 server. In addition, be sure to index the installed on your \s-1LDAP\s0 server. In addition, be sure to index the
\&'sudoUser' attribute. \&'sudoUser' attribute.
.PP .PP
Two versions of the schema, one for OpenLDAP servers (\fIschema.OpenLDAP\fR) Three versions of the schema: one for OpenLDAP servers (\fIschema.OpenLDAP\fR),
and another for Netscape-derived servers (\fIschema.iPlanet\fR), may one for Netscape-derived servers (\fIschema.iPlanet\fR), and one for
Microsoft Active Directory (\fIschema.ActiveDirectory\fR) may
be found in the \fBsudo\fR distribution. be found in the \fBsudo\fR distribution.
.PP .PP
The schema for \fBsudo\fR in OpenLDAP form is included in the \s-1EXAMPLES\s0 The schema for \fBsudo\fR in OpenLDAP form is included in the \s-1EXAMPLES\s0


@@ -231,8 +231,9 @@ In order to use B<sudo>'s LDAP support, the B<sudo> schema must be
installed on your LDAP server. In addition, be sure to index the installed on your LDAP server. In addition, be sure to index the
'sudoUser' attribute. 'sudoUser' attribute.
Two versions of the schema, one for OpenLDAP servers (F<schema.OpenLDAP>) Three versions of the schema: one for OpenLDAP servers (F<schema.OpenLDAP>),
and another for Netscape-derived servers (F<schema.iPlanet>), may one for Netscape-derived servers (F<schema.iPlanet>), and one for
Microsoft Active Directory (F<schema.ActiveDirectory>) may
be found in the B<sudo> distribution. be found in the B<sudo> distribution.
The schema for B<sudo> in OpenLDAP form is included in the L<EXAMPLES> The schema for B<sudo> in OpenLDAP form is included in the L<EXAMPLES>
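Review bot: the new sentence opens with a colon ("Three versions of the schema: one for ...") but then continues with "may be found in the sudo distribution", so it no longer parses the way the old comma-delimited sentence did. Suggest restructuring as "Three versions of the schema may be found in the sudo distribution: one for OpenLDAP servers (...), one for Netscape-derived servers (...), and one for Microsoft Active Directory (...)". The same wording appears in the man and formatted pages in this commit, so correcting it here and regenerating fixes all three.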