OK, I take back all that I said over on the samba list, sssd does
pull the sudo rules from AD
I have just spent two hours trying to get sssd to get the sudo rules
from AD on my netbook that I have just installed Linux Mint mate 17 on,
to no effect.
after upping sssd debug to 9, I found this search in sssd_example.com.log:
If I try to search with this via ldbsearch, it does not work, all I get
allocating request failed: Unable to parse search expression
If I remove one small part, it does work and displays the sudo roles
So, what does this do?
I'm not sure what this search is supposed to do. What is the intention
of this? If it is to search for any sudoHost value with a literal
asterisk "*" character in it, then the search filter syntax is wrong.
According to http://tools.ietf.org/html/rfc4515
, if you want to use a
"*" in a search filter, it must be escaped like this: \2A, so the search
filter would be (sudoHost=*\2A*)
because I can only get the search to work without it