Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.

Bug 229427

Summary: authconfig allows ldap authentication when user information from ldap is enabled
Product: [Fedora] Fedora Reporter: Kimmo Vuorinen <kimmo.vuorinen>
Component: authconfigAssignee: Tomas Mraz <tmraz>
Status: CLOSED NOTABUG QA Contact: Brian Brock <bbrock>
Severity: medium Docs Contact:
Priority: medium    
Version: 6   
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2007-02-21 09:07:35 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Kimmo Vuorinen 2007-02-20 23:02:51 UTC
Description of problem:
authconfig allows authentication from ldap when user information from ldap is

Steps to Reproduce:
1. run authconfig-tui, enable ldap user information, make sure ldap
authentication is disabled, save settings
2. log in using an account from ldap-database
Actual results:
Login is successful

Expected results:
Login fails, but uid/user gid/group mapping etc. from ldap-database is still
available when required

Comment 1 Tomas Mraz 2007-02-21 09:07:35 UTC
That's a feature, not a bug, of having full accounts including passwd hash in
LDAP database. 

You can remove ldap from 'shadow:' line of /etc/nsswitch.conf however doing this
change in authconfig in general is not desirable.