Cisco Headend System Release 2.7
Enable Sudo Support
4017610 Rev A
29
Server Checks
Work with the site administrator to ensure that sudoers objects and related entries
exist in the LDAP server. For example, to properly administer a DNCS, RNCS, or
Application server, LDAP entries similar to the following must exist:
exist in the LDAP server. For example, to properly administer a DNCS, RNCS, or
Application server, LDAP entries similar to the following must exist:
LDAP Object
LDIF Entry
SUDOers
dn: ou=SUDOers,dc=example,dc=com
ou: SUDOers
objectClass: top
objectClass: organizationalUnit
netgroup
dn: ou=Netgroup,dc=example,dc=com
ou: netgroup
objectclass: top
objectClass: organizationalUnit
DNCSAdmins
dn: cn=DNCSAdmins,ou=Netgroup,dc=example,dc=com
objectClass: nisNetgroup
objectClass: top
nisNetgroupTriple: (,ldapuser1,)
description: All DNCS Administrators on the network
cn: DNCSAdmins
DNCSHosts*
dn: cn=DNCSHosts,ou=Netgroup,dc=example,dc=com
objectClass: nisNetgroup
objectClass: top
nisNetgroupTriple: (dncshost1,,)
description: All DNCS Hosts in the network
cn: DNCSHosts
defaults
dn: cn=defaults,ou=SUDOers,dc=example,dc=com
objectClass: top
objectClass: sudoRole
description: Default sudo Options
sudoOption: ignore_dot
sudoOption: ignore_local_sudoers
sudoOption: always_set_home
sudoOption: !mail_no_user
sudoOption: root_sudo
sudoOption: log_host
sudoOption: logfile=/var/log/sudolog
sudoOption: timestamp_timeout=5
cn: defaults