On 02/18/2016 07:37 PM, Mote, Todd wrote:
Hi all, how does sssd process multiple sudo rules from an OU search
base? I have my base pointed at an OU where I have one sudo rule
applied, and that works, but have another farther down. I can see in
the logs that it sees both rules. What I can’t find is how sssd handles
that? does it merge the rules?
If cn is the same I'd rather say that the behaviour is undefined - we
don't deal with conflicts. If the cn are different that it should be fine.
How does it handle conflicts? Does
computer object location matter like it does for group policies?
sudo itself doesn't know about computer objects, it uses just hostnames.