Below sounds like your servers are configured inconsistently. Why wouldn't you have user "bob" be in the same group on every server? That would avoid this whole question.
In your position I would get some sensible, deployment-wide standard going and then create my sudoers and ldap directory based on that standard.
On Wed, Aug 10, 2011 at 10:11:17AM +0200, pradyumna dash wrote:
Guys,
I have a query, lets take a scenario :
Assume we have 2 servers "Server1" and "Server2" and 2 groups "Admin" and "ITTech", What is needed is like say when a user "bob" logging in to "Server1" he will get the group "Admin", but when he logs in to "Server2" he will get group "ITTech".� Also it may vary for different users like when "Kris" logs in to Server1 he may get a group called "ITTech" and when he logs in to "Server2"� he will get some other group say "Security". Can it be possible by OpenLDAP ? If this is achieved then we are planning to have SUDO files based on the grooups.
It would be great if you can provide me some pointers or how-to.
Regards, Neo