Ron Johnson [Thu, Sep 03, 2009 at 05:39:07AM -0500]: > On 2009-09-03 05:02, Nico Schottelius wrote: > >- login fails for root (who is not in ldap) and ldap users > > > >- I cannot login locally as root! > > I thought you said you couldn't *remotely* log in as root.
It fails for *both* ways until I login *locally* as a ldap user. > >! It works again (i.e. ssh and local root), if I login locally as an LDAP > >user. > > > >- It takes about 30 days to occur (or different, not yet sure) > [snip] > >Aug 8 22:05:01 ikr3 CRON[19505]: (pam_krb5): none: ignoring low-UID user (0 > >< 1001) > > Does the local root login failure start only after remote root > logins fail? Yes, afaics it's the same time (i.e. normally local root access is possible and it also works again, after I logged in as a LDAP user). > I'd work around this issue by not allowing remote root logins. I'm sorry, how should this fix not being able to login via ssh at all? Sincerly, Nico -- Currently moving *.schottelius.org to http://www.nico.schottelius.org/ ... PGP: BFE4 C736 ABE5 406F 8F42 F7CF B8BE F92A 9885 188C
signature.asc
Description: Digital signature
