In my quest to implement sssd, my focus turned towards sudo. Centralizing the sudo rules to an LDAP server (or cluster) simplifies management of users and access. Rather than /etc/sudoers files on each machine, sudo can look in to LDAP for a specific user’s rules. The path of a query is: sudo command requested ->
On a Fedora server (in this case 14, 15, and 16) acting as the primary LDAP server, it can get stuck booting if LDAP is not ready in time. You end up with a race condition where LDAP is stuck attempting to start for one reason or another and other services are stuck waiting for
викMost high end IBM hardware comes with a RMM (Remote Management Module) if you ever hope to manage the equipment from a location other than right in front of the machine. Managing the local accounts on the system is painful at best, and a more secure method is to integrate in to an already existing