I'm new here and trying to get some suggestions what to do in order to submit tickets with our SA team to implement. I have an AD account as "deploy" (login) and local unix account as "wasadmin" (non-login) on Solaris 10. I'd like to login as deploy ID and execute commands as wasadmin ID w/o prompting for password. Is it doable here? If so, what steps should I need to do?
I added this line in the sudoers file, but it didn't help anything:
deploy ALL=(wasadmin) NOPASSWD: ALL
%dzdo -u wasadmin mkdir testdir
Sorry, user deploy is not allowed to execute '/usr/bin/mkdir testdir' as wasadmin on HOST123
I have the following information:
%adinfo --version
adinfo (CentrifyDC 5.1.3-482)
%dzdo -V
Dzdo 5.1.3-482 (Based on sudo version 1.7.1)
%id -a deploy
uid=30192(deploy) gid=30192(depgroup) groups=30192(depgroup),10902(wasgroup)
%adquery user deploy
deploy:x:30192:30192:deploy:/export/lhome/deploy:/bin/bash
%adquery group depgroup
depgroup:x:30192:deploy
%id -a wasadmin
uid=10902(wasadmin) gid=10902(wasgroup) groups=10902(wasgroup),30192(depgroup)
%adquery user wasadmin
wasadmin is not a zone user
%adquery group wasgroup
wasgroup is not a zone group