Having users su/sudo in Linux based on Active Directory group when using pam_winbind
Per Hadyman5's comment, I ran the following:
id MYDOMAIN\\djsumdog
...and saw that my group was actually MYDOMAIN\linuxadmins, all lower case. I then added the following to my sudo configuration:
%MYDOMAIN\\linuxadmins ALL=(ALL) ALL
And sudo works fine now with the users in that group.
Related videos on Youtube
Saurabh
Updated on September 18, 2022Comments
-
Saurabh over 1 year
I have RavenDB set up which is queried through a WebApi layer. The RavenDb layer returns an IQueriable onto which OData filters are applied in the WebApi layer. Every Employee object that is saved in the RavenDB has a Version property associated with it (value of DateTime.UtcNow.Ticks while saving the document). Recently I was working on a requirement where I can save same Employee multiple times over the period of time (as separate entities, differing in their property values but with same Id), but I only want to fetch the latest one based on its Version value.
In order to achieve this I used MapReduce as described below :
public class Employee_Version : AbstractIndexCreationTask<Employee> { public Employee_Version() { Map = employees => from employee in employees select new Employee { FirstName = employee.FirstName, LastName = employee.LastName, Departments = employee.Departments, Id = employee.Id, Version = employee.Version, ManagerId = employee.ManagerId, EmployeeId=employee.EmployeeId }; Reduce = results => from result in results group result by result.ManagerId into g select new { ManagerId = g.OrderByDescending(d => d.Version).First().ManagerId, Departments = g.OrderByDescending(d => d.Version).First().Departments, FirstName = g.OrderByDescending(d => d.Version).First().FirstName, LastName = g.OrderByDescending(d => d.Version).First().LastName, Version = g.OrderByDescending(d => d.Version).First().Version, Id = g.OrderByDescending(d => d.Version).First().Id, EmployeeId = g.OrderByDescending(d => d.Version).First().EmployeeId }; } }
Raven Repository Code :
public IQueryable<Employee> GetEmployees(Expression<Func<Employee, bool>> expression) { using (var session = DocumentStore.OpenSession()) { return session.Query<Employee, Employee_Version>().Statistics(out querysStatistics).Where(expression), } }
Web Api Layer Code :
Expression<Func<Employee, bool>> managerIdFilter = e => e.ManagerId == 123; var employeeQueryable = _employeeRepository.GetEmployees(managerIdFilter); var queryable = modelOptions.ApplyTo(employeeQueryable.Queryable, new ODataQuerySettings { EnableConstantParameterization = false, HandleNullPropagation = HandleNullPropagationOption.False });
When I query it like :
http://localhost/employee/list?$top=1
I get following exception :
Inner ExcpetionUrl: \"/databases/documents/indexes/Document/Version?&query=ManagerId%3A123&pageSize=1&sort=__document_id&SortHint-__document_id=String\"\ \ \ \ System.ArgumentException: The field '__document_id' is not indexed, cannot sort on fields that are not indexed
The same query works fine if no OData filter is used.
-
Handyman5 over 12 yearsWhen you run "id djsumdog", what format do the returned group names look like? In particular, I know some Samba setups replace the backslash with a plus-sign.
-
djsumdog over 12 yearsThat got it! The case for my AD group was wrong (it was all lowercase and I was using mixed case). Thanks
-
-
zSprawl over 8 yearsKeep in mind that if you have a space, like I did, in the group, you need to add a backslash before the space: %MYDOMAIN\\domain\ admins ALL=(ALL) ALL