Visit the LQ Articles and Editorials section
Go Back > Forums > Linux Forums > Linux - Security
User Name
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.


  Search this Thread
Old 08-16-2011, 02:15 PM   #1
LQ Newbie
Registered: Aug 2011
Posts: 20

Rep: Reputation: Disabled
Use AD to assign a user to a group?

Does anyone know a way to add an active directory user to Sudoers? I have users logging in with AD accounts but I need to be able to add and remove users to the Sudoers so they can accomplish some tasks that require elevated access without giving out the root password. we around 50 machines running CentOS 5.5 and its a pain to add every user to every box.
Old 08-16-2011, 06:05 PM   #2
Registered: Feb 2007
Location: UK
Posts: 150

Rep: Reputation: 19
you can make sudo query ldap/ad but u need to extend the schema to support posix attributes
Old 08-16-2011, 06:54 PM   #3
LQ Newbie
Registered: Aug 2011
Posts: 20

Original Poster
Rep: Reputation: Disabled
thanks for the quick reply. how would i go about doing this?
Old 08-16-2011, 10:38 PM   #4
LQ Guru
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 5,986

Rep: Reputation: 1444Reputation: 1444Reputation: 1444Reputation: 1444Reputation: 1444Reputation: 1444Reputation: 1444Reputation: 1444Reputation: 1444Reputation: 1444
Speaking totally blindly here ... is there any way that "PAM" (Pluggable Authentication Modules...) could be of service here?

The essential idea here is ... "AFAIK (which isn't much...), PAM ultimately controls everything." Therefore, if the sudo command does, or if it can, tap into the PAM mechanism, then your problem might be very close to being solved. It intuitively seems to me that you ought to be able to outright supersede the default behavior of sudo, and to very-elegantly substitute into its place an AD-based mechanism ... courtesy of PAM.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
lp permission assign to user group syedali Linux - Desktop 0 08-06-2011 04:17 AM
how to assign oneself to a group to get access to a file chadwick Linux - Newbie 2 09-04-2009 02:38 PM
How can we assign group password?? JATA01 Linux - Server 5 11-15-2008 01:47 AM
How to assign disk quota(disk space limited) to user and group. hocheetiong Linux - Newbie 1 08-24-2007 05:20 AM
Assign group by IP waifurchin Linux - General 1 01-29-2003 05:36 PM

All times are GMT -5. The time now is 02:46 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration