Bug 454292 - cron does not work for ldap users.
cron does not work for ldap users.
Status: CLOSED DUPLICATE of bug 448014
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: nss_ldap (Show other bugs)
x86_64 Linux
low Severity high
: rc
: ---
Assigned To: Nalin Dahyabhai
Depends On:
  Show dependency treegraph
Reported: 2008-07-07 11:05 EDT by Bogdan Sandu
Modified: 2010-06-30 11:23 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2010-06-30 11:23:54 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Bogdan Sandu 2008-07-07 11:05:39 EDT
Cron does not work for ldap users.

I Think the problem is related to Bug 448016: su does not work in 5.2

Starting nscd does not solve the problem, as it does with bug 448016.

We've also experienced bug 448016: su does not work in 5.2, and we've applied
the workaround with nscd, and now su works with ldap users.

But cron still does not work with ldap users.

Here is out /etc/pam.d/system-auth:
# This file is managed using cfengine
# User changes will be destroyed the next time cfagent is run.

auth        required      /lib/security/$ISA/pam_env.so
auth        sufficient    /lib/security/$ISA/pam_unix.so likeauth nullok
auth        sufficient    /lib/security/$ISA/pam_ldap.so use_first_pass
auth        required      /lib/security/$ISA/pam_deny.so

account     required      /lib/security/$ISA/pam_unix.so
account     required      /lib/security/$ISA/pam_ldap.so ignore_unknown_user

password    required      /lib/security/$ISA/pam_cracklib.so retry=3 type=
password    sufficient    /lib/security/$ISA/pam_unix.so nullok use_authtok md5
password    sufficient    /lib/security/$ISA/pam_ldap.so use_authtok
password    required      /lib/security/$ISA/pam_deny.so

session     required      /lib/security/$ISA/pam_limits.so
session     optional      /lib/security/$ISA/pam_unix.so
session     optional      /lib/security/$ISA/pam_ldap.so

,and our /etc/pam.d/crond file:
# The PAM configuration file for the cron daemon
auth       sufficient pam_rootok.so
auth       required   pam_env.so
auth       include    system-auth
account    required   pam_access.so
account    include    system-auth
session    required   pam_loginuid.so
session    include    system-auth

Comment 1 Nalin Dahyabhai 2010-06-30 11:23:54 EDT
This looks like a duplicate of bug #448014, which was fixed in
nss_ldap-253-13.el5_2.1.  Please reopen this report if this update did not
resolve the problem.  Thanks!

*** This bug has been marked as a duplicate of bug 448014 ***

Note You need to log in before you can comment on or make changes to this bug.