Converting sudoers aliases and user specifications

Before you convert the sudoers file aliases and user specifications to rights, role definitions, and role assignments, be certain that you have imported all the users and groups specified in the sudoers file into Active Directory, and that you have added them to the zone in which you are imported the sudoers file. If there are users and groups without a profile in the zone when you attempt to convert the user specifications from the imported sudoers file into role assignments in Access Manager, the conversion will fail.

In addition, keep in mind that the role definitions and assignments you create from sudoers specifications do not contain any UNIX system rights or PAM access rights. You can assign those rights through other roles, such as the predefined UNIX Login role, or you can add system rights and PAM access rights to the role definitions after you create them from the sudoers specifications.

Within each item are objects for the sudoers definitions that were imported. For example, within User Alias are alias definitions, each one of which contains the user accounts defined for that alias.

Each type of information from the sudoers file converts to a different type of authorization information in the Centrify zone. You do not need to convert all of the imported aliases. You can simply ignore or delete aliases that are obsolete or no longer relevant.