[CentOS] nsswitch.conf, ldap, local groups problem

Wed Aug 27 22:07:33 UTC 2008
Craig White <craigwhite at azapple.com>

On Wed, 2008-08-27 at 17:56 -0400, Mark Hennessy wrote:
> Quoting Craig White <craigwhite at azapple.com>:

> > well, it hardly makes any sense to use ldap for user accounts and start
> > up with networking off but I would recommend that you adhere to the
> > advice at the top of the file and run 'authconfig' or
> > 'system-config-authentication', make sure the settings are correct
> > (including checking the box for local authentication is sufficient) so
> > that it configures not only /etc/pam.d/system-auth and nsswitch.conf
> 
> Yes, I agree, it makes no sense to operate a machine with ldap  
> accounts if it has no network connection, but at least one should be  
> able to log in as root.  To clarify, here's the problem:
> I have a machine.  In normal operation, the network connection is  
> non-functional and LDAP accounts are usable and everyone does their  
> thing over ssh.  If the network connection craps out, I can get into  
> the machine via serial console and try to find out what's going on,  
> perhaps switch to a different network connection, whatever.  If I  
> can't log in as root, my only recourse is to powercycle the machine  
> and go into single-user mode.  Now, multiply that by 100.  This is why  
> I need to get this working.
----
sounds like you're trying to fix a symptom, not the problem.

anyway, did you run authconfig/system-config-authentication ?

Craig