After a customer had performed some bad edits on various LDAP configuration files, users were locked out and unable to access the system. Root could still login however.
I logged in as root, and rather than mess with various config files, eg under /etc/pam.d, ran this command to disable LDAP authentication and enable “normal” authentication using /etc/shadow:
# authconfig --disableldapauth --disableldap --enableshadow --updateall
After which users could login again.
Footnote
This was a “lab” system located on an isolated network. On a production server, having direct root login is not recommended, and great care should be exercised before using the authconfig command.
Thank you very much for posting this. It fixed my server. How would I make this permanent? I only want local users, no LDAP, my LDAP servers time out and slow everything down.
When I ran the command on my side, it fixed the issue permanently.
Thanks all!
Hi Denis. As far as I am aware, the authconfig command is permanent. Once the above command has been issued, LDAP will no longer be used for authentication.
hi
thanks for posting this. it fixed my issue as well.
Cheers Ali.