Thanks for the information. But is not working for me.
account required pam_unix.so broken_shadow account sufficient pam_localuser.so account sufficient pam_succeed_if.so uid < 500 quiet account [default=bad success=ok user_unknown=ignore] pam_ldap.so account required pam_permit.so In Syslog (/var/log/secure) its keep on printing. Accepted password for testuser from 1.2.3.4 port 46747 ssh2 failed to bind to LDAP server ldap://10.0.119.36/: Can't contact LDAP server failed to bind to LDAP server ldap://10.0.119.36/: Can't contact LDAP server reconnecting to LDAP server (sleeping 4 seconds)... failed to bind to LDAP server ldap://10.0.119.36/: Can't contact LDAP server reconnecting to LDAP server (sleeping 8 seconds)... failed to bind to LDAP server ldap://10.0.119.36/: Can't contact LDAP server reconnecting to LDAP server (sleeping 16 seconds)... Yes, I'm using RHEL-5.4 Thanks & Regards, Meghanand N. Acharekar On Thu, Feb 3, 2011 at 8:06 PM, Buchan Milne <[email protected]>wrote: > On Thursday, 3 February 2011 14:34:21 Meghanand Acharekar wrote: > > Hi, > > > > I have configured a mixed authentication systems (LDAP + System Users). > > On this system some users are configure to login via ldap rest as system > > users. > > I observed that if the ldap server goes down, system users also not able > to > > login. > > Is there any way to prevent this, following my pam configuration. > > > > system-auth : > > > > auth required pam_env.so > > auth sufficient pam_unix.so nullok try_first_pass > > auth requisite pam_succeed_if.so uid >= 500 quiet > > auth sufficient pam_ldap.so use_first_pass > > auth required pam_deny.so > > > > account required pam_unix.so broken_shadow > > account sufficient pam_succeed_if.so uid < 500 quiet > > Replace the above line with: > account sufficient pam_localuser.so > > If you have pam_localuser.so available (you didn't mention which distro, > but > it seems to be RH-derived). > > Regards, > Buchan >
