I am currently using LDAP for authentication and have found that I am unable to login to Gnome Desktop or switch user to certain system administrator accounts.
su - sysxxx
Password: <enter correct password>
su: incorrect password
After a lot of investiagion I discovered that the problem is the accounts had a UID in the range of 200 to 220. These logins are also used on Solaris and are outside the Solaris reserved UID range. They work fine on Solaris and on Fedora Core 4 - just no good on Fedora Core 5.
I eventually tracked it down to the default settings of Fedora Core 5.
A new install of Fedora Core 4 does not let users with a UID of less than 100 login.
A new install of Fedora Core 5 does not let users with a UID of less than 500 login.
This is set in the files:
e.g. from system-auth:
auth required pam_env.so
auth sufficient pam_unix.so nullok try_first_pass
auth requisite pam_succeed_if.so uid >= 500 quiet
auth sufficient pam_ldap.so use_first_pass
auth required pam_deny.so
I was just wondering what the motivation was for increasing the allowed UID range to above 500?
I don't see any issues changing it back to 100... in fact an upgrade insall from FC4 to FC5 preserves the 100 value.