Created attachment 643542 [details]
The LDAP directory contents
Description of problem:
SSSD ignores options from "defaults" entry in LDAP
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Use the attached LDIF file to fill LDAP directory
2. Use the attached sssd.conf as the base for client configuration
3. Execute "su -c 'sudo -u user2 whoami' user1" as root
sudo: no tty present and no askpass program specified
If the sudoOption attributes are moved to the cn=test entry instead, sudo behaves as documented.
Created attachment 643543 [details]
Pavel, can you triage this bug before/if we clone it to Trac?
Verified fixed in 1.9.2-21.el6.
Relevant sudo suite tests pass:
:: [ PASS ] :: defaults_without
:: [ PASS ] :: defaults_with
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.