Try setting your timelimt and bind_timelimit to something like a bit lower.

timelimit 4

bind_timelimit 4

Date: Thu, 22 Mar 2012 17:03:56 +0800
Subject: Root not allowed to login
From: [email protected]
To: [email protected]

Hi,

My client is installed with RHEL 6.0 and I am using OpenLDAP 2.4. When the box 
loses connection with the ldap server, even the root cannot log in as it tries 
to bind with the ldap server. This can be seen when I log in with root and the 
message below appears :


sshd: pam_ldap: error trying to bind as user "uid=root, ou=People, 
dc=example,dc=com" (Invalid credentials).

My root user is not even in the ldap database. When connection is fine, the 
message above does not affect the login of root. The login of root is only 
screwed up when the box loses connectivity.


Attached are my pam.d/system-auth file, pam.d/login, pam./dsshd and ldap.conf 
files. 

I have been googling around but some either switch to kerberos, or the question 
is left unatttended to. Please help. I can only resort to restarting the box 
whenever this happens. How can I configure the ldap so that local users can 
login when there's no connectivity to ldap server?


Thanks heaps!
-- 






        
                
                
                
                
                
                
                
                        
                        
                         MGRC - Sequence. Analyse. Innovate. 
                        
                        
                
                
                
                
                
                        


        
                
                
                                         
                        Su Seau Yeen

                        Manager, IT Operations

                        
                         
                
                        
                


        
                        
                
                
                        Malaysian Genomics Resource Centre Berhad (MGRC)

                        T: +6 03 2283 1820 | F: +6 03 2282 8102 
                                 | M: +6 012 6784642 | www.mgrc.com.my

                
                
                
                


        
        


        






                
        
                
                
                        This e-mail is intended only for the use of the 
individual or entity to which it is addressed and may contain 
confidential and/or privileged material. Any review, retransmission, 
dissemination or other use of or taking of any action in reliance upon 
this information by persons or entities other than the intended 
recipient, is strictly prohibited. If you receive this e-mail in error, 
please contact us immediately by return e-mail and delete the original 
message(s).
                
                
                
        





                                          

Reply via email to