I have a Nethserver instance in my homelab running a test AD, which I like to imagine might some day form an example for the small IT consulting firm I work for to use in our supported sites with heterogeneous OS requirements, such as media/entertainment companies running Linux, Mac, and Windows workstations.
I am investigating performing domain joins to Nethserver with Linux machines and came across this beautifully written page: https://www.sudo.ws/man/1.8.17/sudoers.ldap.man.html#EXAMPLES
I think I understand what this is saying, which is effectively that as long as the schema is set up correctly in AD, simply dropping a correctly-formatted file to /etc/ldap.conf will enable sudo to check AD efficiently. I’m pretty sure I can figure my way through getting ldap.conf correct, but I have no idea what to do with the AD schema discussed here: “[The sudo schema] for Microsoft Active Directory (schema.ActiveDirectory) may be found in the
I believe that’s here: https://github.com/lbt/sudo/blob/master/doc/schema.ActiveDirectory
But I’m afraid I don’t know what to do with this schema - can I please get some pointers on where to go to implement this schema?
End goal: freshly-installed, domain-joined, Linux-based workstations (or servers) with just the ldap.conf file modified can have users in the AD sudoers group or groups issue sudo commands.
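Because the ldap.conf described in the post becomes the path by which every workstation learns who may run commands as root, it is worth auditing before it is distributed. The following is an added example, not part of the original post or of the sudo project: it checks a sudo ldap.conf for a missing search base, unencrypted transport, disabled certificate verification and an exposed bind password. The directive names are those documented in sudoers.ldap; the sample file, host names and function names are constructed assumptions.

```python
# Added example: audit a sudo ldap.conf before rolling it out to workstations.
# Directive names come from sudoers.ldap(5); SAMPLE_CONF, the host names and
# the function names are constructed for illustration.
SAMPLE_CONF = """\
# constructed sample
uri ldap://dc1.ad.example.test
sudoers_base ou=SUDOers,dc=ad,dc=example,dc=test
binddn cn=sudo-reader,cn=Users,dc=ad,dc=example,dc=test
bindpw not-a-real-secret
tls_checkpeer no
"""

TRUE = {"on", "true", "yes"}
FALSE = {"off", "false", "no"}

def parse(text):
    """Map lower-cased keyword -> list of values; '#' lines are comments."""
    conf = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        conf.setdefault(parts[0].lower(), []).append(parts[1] if len(parts) > 1 else "")
    return conf

def audit_sudo_ldap_conf(text, file_mode=0o644):
    """Return a list of (code, message) findings for one ldap.conf."""
    conf, findings = parse(text), []
    last = lambda key: conf.get(key, [""])[-1].lower()
    if "sudoers_base" not in conf:
        findings.append(("no-sudoers-base", "no base DN for sudoRole lookups"))
    uris = " ".join(conf.get("uri", [])).lower().split()
    encrypted = last("ssl") == "start_tls" or last("ssl") in TRUE
    if any(u.startswith("ldap://") for u in uris) and not encrypted:
        findings.append(("cleartext-ldap", "sudo rules and any simple-bind password cross the network unencrypted"))
    if last("tls_checkpeer") in FALSE:
        findings.append(("tls-checkpeer-disabled", "server certificate is not verified"))
    if "bindpw" in conf and file_mode & 0o077:
        findings.append(("bindpw-exposed", "bindpw stored in a file readable by non-root users"))
    return findings

if __name__ == "__main__":
    for code, message in audit_sudo_ldap_conf(SAMPLE_CONF):
        print(f"{code}: {message}")
```

Pass the real file's permission bits as `file_mode` (for example from `os.stat`) so the bind-password check reflects the deployed file rather than the default assumed here.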