Uppercase usernames in /etc/sudoers triggers warnings
Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Uppercase usernames in /etc/sudoers triggers warnings
Hello all.
We're syncing users from Active Directory over to our linux LDAP server (Red Hat Directory Server). The user names on the AD side are all written in uppcase letters, which is the company policy.
The uppername usernames causes problems when setting up /etc/sudoers, since uppercase words are interpreted as aliases. For example, if I add user KENNETH to a User_Alias (i.e. something like "User_Alias ADMINS = KENNETH"), I will get a warning from visudo which expects KENNETH to be an alias and thus not a username. Despite the warning, sudo does seem to work correctly. But is there a way to tell visudo or sudo that usernames are uppercase, and should not trigger a warning? Or are there other ways to go about this sort of thing?
Best regards,
kenneho
PS. I posted this message on the red hat mailing list, but are posting it here too since I didn't get any replies.
When pulling data via "net rpc vampire" to a samba/ldap configuration I know there's a way you can force the posix username to be lowercase, while leaving the samba username alone. I know a full AD setup is different, but I think there's still separate (or the ability to be separate) entries for the windows and the posix username.
Obviously it differs greatly by schema, and I have no idea what AD's looks like, but poke it with ldapsearch, something may jump out at you.
When pulling data via "net rpc vampire" to a samba/ldap configuration I know there's a way you can force the posix username to be lowercase, while leaving the samba username alone. I know a full AD setup is different, but I think there's still separate (or the ability to be separate) entries for the windows and the posix username.
Obviously it differs greatly by schema, and I have no idea what AD's looks like, but poke it with ldapsearch, something may jump out at you.
Good luck!
Thanks for the tip - I'll check and see if maybe I can separate the entries, or maybe see if it's possible to make changes to the entry on our RHDS without having it synced back to AD.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.