[PLUG] SOLVED: Root login when LDAP server or network is down?
Terry Griffin
griffint at pobox.com
Mon Jan 20 19:38:02 UTC 2003
Never mind. I found the solution.
When you run 'authconfig' on Red Hat there's two places where you get to
select LDAP, once for "User Information" and once for "Authentication."
If you select LDAP for both you get the undesired behavior I described.
If you select LDAP only for "User Information" then you get what I would
consider desirable behavior. That is, when the LDAP server is down
LDAP users can't log in but local users (including root) can.
Terry
On Monday 20 January 2003 05:39 pm, Terry Griffin wrote:
> Hello,
>
> I'm playing with LDAP for authentication. I got everything working but
> found an unfortunate feature. If the LDAP server goes down or there's a
> network outage, it becomes impossible to log in to the client box even with
> accounts that are defined in the local /etc/passwd file and not on the LDAP
> server, including the root account.
>
> Because of this I actually managed to lock myself out of my test box. It
> was an LDAP server using itself for authentication. I shut down the server
> software to change some settings. I logged out for some reason and then
> couldn't get back in. I had to reboot to single user mode in order to
> recover. This could be a nasty hazard for a remotely administered box.
>
> Anyone know a way around this? I'd like root login not to depend on being
> able to make a connection to the LDAP server.
>
> Terry
More information about the PLUG
mailing list