Cron does not work for ldap users. I Think the problem is related to Bug 448016: su does not work in 5.2 Starting nscd does not solve the problem, as it does with bug 448016. We've also experienced bug 448016: su does not work in 5.2, and we've applied the workaround with nscd, and now su works with ldap users. But cron still does not work with ldap users. Here is out /etc/pam.d/system-auth: #%PAM-1.0 # This file is managed using cfengine # User changes will be destroyed the next time cfagent is run. auth required /lib/security/$ISA/pam_env.so auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok auth sufficient /lib/security/$ISA/pam_ldap.so use_first_pass auth required /lib/security/$ISA/pam_deny.so account required /lib/security/$ISA/pam_unix.so account required /lib/security/$ISA/pam_ldap.so ignore_unknown_user ignore_authinfo_unavail password required /lib/security/$ISA/pam_cracklib.so retry=3 type= password sufficient /lib/security/$ISA/pam_unix.so nullok use_authtok md5 shadow password sufficient /lib/security/$ISA/pam_ldap.so use_authtok password required /lib/security/$ISA/pam_deny.so session required /lib/security/$ISA/pam_limits.so session optional /lib/security/$ISA/pam_unix.so session optional /lib/security/$ISA/pam_ldap.so ,and our /etc/pam.d/crond file: # # The PAM configuration file for the cron daemon # # auth sufficient pam_rootok.so auth required pam_env.so auth include system-auth account required pam_access.so account include system-auth session required pam_loginuid.so session include system-auth Thanks
This looks like a duplicate of bug #448014, which was fixed in nss_ldap-253-13.el5_2.1. Please reopen this report if this update did not resolve the problem. Thanks! *** This bug has been marked as a duplicate of bug 448014 ***