I'm not sure if this going to the list or just to Rob. Google mail does not seem to have an option to reply to the list. Anyway, samba appears to work fine but I'm bound to this setup because I also have a bunch HP-UX hosts and I'm trying to keep things consistent. HP-UX too has the same issue so I'm guessing that it's not the Linux client setup but something stupid in AD and the AD admin would not even try to help. They're just amazed that "Unix can't deal with case insensitive". On the other hand this being a Windows shop they wouldn't even dream of changing anything in the schema or try to get some more detailed info. Now going over Stephen's suggestion that users are mapped to the wrong field, well I'm not sure which field should they be setup to; I thought the username is the one that matters but I guess I could be wrong. If so how would I check? Is there some query that I haven't thought of so far that I could use to check the mapping? Thanks much, Dumitru On Tue, Jun 26, 2012 at 9:36 AM, Rob Echlin <rob [ at ] echlin [ dot ] ca> wrote: > Hi Dumitru, > I haven't done that, but, maybe you could set up Samba to take domain info > from AD, then get the sudoers info from Samba? > > Rob > > > ________________________________ > From: Dumitru Ciobanu <ciobanu [ dot ] dumitru [ at ] gmail [ dot ] com> > To: linux [ at ] lists [ dot ] oclug [ dot ] on [ dot ] ca > Sent: Monday, June 25, 2012 11:04:11 PM > Subject: [OCLUG-Tech] sudo with ldap and active directory question > > Hi Guys, > > I have a working ldap authentication using Active Directory as the > ldap server (not my choice but ...). > Linux distro is RHEL 5.8. > As I said it works but: > When I do a "getent passwd" the users are coming down in uppercase. > Still not a problem but when trying to give different roles through > sudo I have to list both the lowercase username and the uppercase > username in the sudoers file. That is very annoying and adds up to the > maintenance. > So I'm asking if anybody's seen this before and how did you deal with? > I'm not an ldap guru at all. I was able however to follow the on-line > manual howto's and configure a working example. > > Also I know that the sudoers.ladap manual explains how to integrate > sudo in active directory but the AD admins don't even want to hear > about it. > > So if anybody has an idea it'll be greatly appreciated. > > Thank you much, > Dumitru > > -- > ===================== > > Dumitru Ciobanu > ciobanu [ dot ] dumitru [ at ] gmail [ dot ] com > _______________________________________________ > Linux mailing list > Linux [ at ] lists [ dot ] oclug [ dot ] on [ dot ] ca > http://oclug.on.ca/mailman/listinfo/linux > > -- ===================== Dumitru Ciobanu ciobanu [ dot ] dumitru [ at ] gmail [ dot ] com