Issue with sudo: we can log in with an LDAP account but can't run sudo -i. With sudoers debug turned on, we got the following error.

sudo: user_matches=1

sudo: host_matches=0

sudo: sudo_ldap_lookup(0)=0x40

[sudo] password for edy:

Actually the same configuration works on other hosts.

Debug info on broken-host:

sudo: found:cn=UNIX-Team-root,ou=SUDOers,dc=abc,dc=com

sudo: ldap sudoUser netgroup '+unixadms' ... not

Debug info on working-host:

sudo: found:cn=UNIX-Team-root,ou=SUDOers,dc=abc,dc=com

sudo: ldap sudoUser netgroup '+unixadms' ... MATCH!

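It finally turned out to be a domainname issue. sudo evaluates netgroup membership with the host's NIS domain name, so an unset domain name can keep a netgroup entry from matching.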

working-host:

$ domainname

abc.com

broken-host:

$ domainname

(none)

Changed the domain name using the domainname command:

# domainname abc.com

Then everything works fine.
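
A triage script for the failure described above, added here as an example and not part of the original note. It combines the two signals from this page: the "netgroup ... not" line in sudo's debug output and the output of domainname. The function names and result labels are made up for illustration, and the sample debug text is constructed from the lines shown above.

```shell
#!/bin/sh
# Added example: decide whether a failed LDAP sudo lookup points at an
# unset NIS domain name. All function names here are hypothetical.

# Return 0 if the given `domainname` output means "unset".
# Assumption: an empty string and "(none)" are both treated as unset.
domain_is_unset() {
    case "$1" in
        ''|'(none)') return 0 ;;
        *) return 1 ;;
    esac
}

# Read sudo debug output on stdin and print every netgroup (without the
# leading '+') that sudo reported as not matching, one per line.
failed_netgroups() {
    awk -F"'" '/^sudo: ldap sudoUser netgroup / && $3 ~ / not$/ {
        sub(/^[+]/, "", $2); print $2 }'
}

# $1 = sudo debug output, $2 = output of `domainname` on the same host.
diagnose() {
    failed=$(printf '%s\n' "$1" | failed_netgroups | paste -sd, -)
    if [ -z "$failed" ]; then
        echo "no-netgroup-mismatch"
    elif domain_is_unset "$2"; then
        echo "nis-domain-unset: $failed"
    else
        echo "netgroup-mismatch: $failed"
    fi
}

# Constructed sample input, modelled on the debug lines in this note.
BROKEN_DEBUG="sudo: found:cn=UNIX-Team-root,ou=SUDOers,dc=abc,dc=com
sudo: ldap sudoUser netgroup '+unixadms' ... not"
WORKING_DEBUG="sudo: found:cn=UNIX-Team-root,ou=SUDOers,dc=abc,dc=com
sudo: ldap sudoUser netgroup '+unixadms' ... MATCH!"

echo "broken-host:  $(diagnose "$BROKEN_DEBUG" "(none)")"
echo "working-host: $(diagnose "$WORKING_DEBUG" "abc.com")"
```

Setting the name with the domainname command changes only the running system, so the value also has to be stored in the host's network configuration to survive a reboot.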