Hello all.


We're syncing users from Active Directory over to our linux LDAP server (Red Hat Directory Server). The user names on the AD side are all written in uppcase letters, which is the company policy.

The uppername usernames causes problems when setting up /etc/sudoers, since uppercase words are interpreted as aliases. For example, if I add user KENNETH to a User_Alias (i.e. something like "User_Alias ADMINS = KENNETH"), I will get a warning from visudo which expects KENNETH to be an alias and thus not a username. Despite the warning, sudo does seem to work correctly. But is there a way to tell visudo or sudo that usernames are uppercase, and should not trigger a warning? Or are there other ways to go about this sort of thing?


Best regards,
kenneho

PS. I posted this message on the red hat mailing list, but are posting it here too since I didn't get any replies.

When pulling data via "net rpc vampire" to a samba/ldap configuration I know there's a way you can force the posix username to be lowercase, while leaving the samba username alone. I know a full AD setup is different, but I think there's still separate (or the ability to be separate) entries for the windows and the posix username.

Obviously it differs greatly by schema, and I have no idea what AD's looks like, but poke it with ldapsearch, something may jump out at you.

Good luck!

Thanks for the tip - I'll check and see if maybe I can separate the entries, or maybe see if it's possible to make changes to the entry on our RHDS without having it synced back to AD.