Run redhat-config-authentication and turn ldap back off. When I played with it briefly, I turned ldap authentication on but I tested it with another session without logging off first. I discovered all I needed to do was to make sure the ldap server was started.
This doesn't help you if your LDAP server dies for any reason, you're back to where you started.
A fix that worked for me was to add a line to /etc/pam.d/system-auth. Remember that if you run authconfig again, you will overwrite your changes and be back to square one. Please complain to Redhat so that we can get this bug fixed - it has been outstanding since Redhat v7.3 or earlier.
Add the line marked with the arrow:
account required /lib/security/$ISA/pam_unix.so
account sufficient /lib/security/$ISA/pam_localuser.so <--
account [default=bad success=ok user_unknown=ignore service_err=ignore system_err=ignore] /lib/security/$ISA/pam_ldap.so
Regards, Graham --
-- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
