I have a strange problem on a CentOS-5.8 machine. I can only login as root. If I try to login with one of the user's names, it hangs for a long time. I thought it hung forever, but I just found that I do login after "su tim" after 5 minutes. It seems that the problem lies in repeated messages in /var/log/messages --------------------------- May 3 12:14:13 helen su: nss_ldap: failed to bind to LDAP server ldap://www.gayleard.com/: Can't contact LDAP server May 3 12:14:13 helen su: nss_ldap: reconnecting to LDAP server (sleeping 64 seconds)... --------------------------- The openldap server is not running, and I don't see why this authentication is being sought. There is nothing in /etc/pam.d/su or /etc/pam.d/login or /etc/ssh/sshd_config to suggest that ldap needs to be invoked, unless it is a part of system-auth . -- Timothy Murphy e-mail: gayleard /at/ eircom.net tel: +353-86-2336090, +353-1-2842366 s-mail: School of Mathematics, Trinity College Dublin
On Thu, 2012-05-03 at 13:47 +0100, Timothy Murphy wrote:> I have a strange problem on a CentOS-5.8 machine. > I can only login as root. > If I try to login with one of the user's names, > it hangs for a long time. > I thought it hung forever, but I just found that > I do login after "su tim" after 5 minutes. > > It seems that the problem lies in repeated messages in /var/log/messages > --------------------------- > May 3 12:14:13 helen su: nss_ldap: failed to bind to LDAP server > ldap://www.gayleard.com/: Can't contact LDAP server > May 3 12:14:13 helen su: nss_ldap: reconnecting to LDAP server > (sleeping 64 seconds)... > --------------------------- > > The openldap server is not running, and I don't see why > this authentication is being sought. > There is nothing in /etc/pam.d/su or /etc/pam.d/login > or /etc/ssh/sshd_config to suggest that ldap needs to be invoked, > unless it is a part of system-auth . >Have you also checked /etc/nsswitch.conf?
On May 3, 2012, at 5:47 AM, Timothy Murphy wrote:> I have a strange problem on a CentOS-5.8 machine. > I can only login as root. > If I try to login with one of the user's names, > it hangs for a long time. > I thought it hung forever, but I just found that > I do login after "su tim" after 5 minutes. > > It seems that the problem lies in repeated messages in /var/log/messages > --------------------------- > May 3 12:14:13 helen su: nss_ldap: failed to bind to LDAP server > ldap://www.gayleard.com/: Can't contact LDAP server > May 3 12:14:13 helen su: nss_ldap: reconnecting to LDAP server > (sleeping 64 seconds)... > --------------------------- > > The openldap server is not running, and I don't see why > this authentication is being sought. > There is nothing in /etc/pam.d/su or /etc/pam.d/login > or /etc/ssh/sshd_config to suggest that ldap needs to be invoked, > unless it is a part of system-auth .---- it would seem that you configured ldap as a potential authentication source in 'authconfig' Tait probably gave you the best possible fix - remove the ldap entries in /etc/nsswitch.conf (or /etc/sssd/sssd.conf if present). Craig
________________________________ From: Timothy Murphy <gayleard at eircom.net> To: centos at centos.org Sent: Thursday, May 3, 2012 5:47 AM Subject: [CentOS] Can only login as root> I have a strange problem on a CentOS-5.8 machine. > I can only login as root. > If I try to login with one of the user's names, > it hangs for a long time. > I thought it hung forever, but I just found that > I do login after "su tim" after 5 minutes. > > It seems that the problem lies in repeated messages in /var/log/messages > --------------------------- > May? 3 12:14:13 helen su: nss_ldap: failed to bind to LDAP server > ldap://www.gayleard.com/: Can't contact LDAP server > May? 3 12:14:13 helen su: nss_ldap: reconnecting to LDAP server >? (sleeping 64 seconds)... > ---------------------------==================== How does your /etc/nsswitch.conf look?? Particularly the 'passwd:' line?