Try adding the following to /etc/ldap.conf (or whatever ldap config file your version of sudo was built to use). sudoers_debug 2 Then, when you run sudo you will see a large amount of debugging info related to sudo's use of LDAP which may help you track down the problem. - todd