Try setting your timelimt and bind_timelimit to something like a bit lower.
Date: Thu, 22 Mar 2012 17:03:56 +0800
Subject: Root not allowed to login
My client is installed with RHEL 6.0 and I am using OpenLDAP 2.4. When the box loses connection with the ldap server, even the root cannot log in as it tries to bind with the ldap server. This can be seen when I log in with root and the message below appears :
sshd: pam_ldap: error trying to bind as user "uid=root, ou=People, dc=example,dc=com" (Invalid credentials).
My root user is not even in the ldap database. When connection is fine, the message above does not affect the login of root. The login of root is only screwed up when the box loses connectivity.
Attached are my pam.d/system-auth file, pam.d/login, pam./dsshd and ldap.conf files.
I have been googling around but some either switch to kerberos, or the question is left unatttended to. Please help. I can only resort to restarting the box whenever this happens. How can I configure the ldap so that local users can login when there's no connectivity to ldap server?