Yesterday I set up our new learning sysadmin to get into our RHEL hosts. Access and authorization is managed by an LDAP directory via PAM.
I set him up, then had him try to log in. It didn't work; I dumped cache with nscd; it worked. Yay!
We stayed on that machine and, after a bit, I wanted to show him the id command. It claimed that he no longer existed; I dumped cache with nscd; it still didn't work. Sigh.
We did other things, then I said we'd finish up. He logged back out before I'd meant him to, so he logged back in. Successfully. And now the id command admitted that he exists.
Why would it stop working for thirty minutes or so?
I've seen other flakiness with this combination in RHEL 5; I've got a server where I can't get two out of a couple dozen users recognized. Shall I worry about this or just get rid of these EOL'd OSes?
Red Hat
Learning Community
A collaborative learning environment, enabling open source skill development.