Thanks for getting back to me. Here is /etc/pam.d/system-auth:
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth        required      pam_env.so
auth        sufficient    pam_unix.so nullok try_first_pass
auth        requisite     pam_succeed_if.so uid >= 100 quiet
auth        sufficient    pam_ldap.so use_first_pass
auth        required      pam_deny.so

account     required      pam_unix.so broken_shadow
account     sufficient    pam_localuser.so
account     sufficient    pam_succeed_if.so uid < 500 quiet
account     [default=bad success=ok user_unknown=ignore] pam_ldap.so
account     required      pam_permit.so

password    requisite     pam_cracklib.so try_first_pass retry=3
password    sufficient    pam_unix.so md5 shadow nullok try_first_pass use_authtok
password    sufficient    pam_ldap.so use_authtok
password    required      pam_deny.so

session     required      pam_mkhomedir.so skel=/etc/skel/ umask=0077
session     optional      pam_keyinit.so revoke
session     required      pam_limits.so
session     [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
session     required      pam_unix.so
session     optional      pam_ldap.so


Stephen John Smoogen wrote:
> On Thu, Apr 10, 2008 at 6:40 AM, Aaron Bliss <abliss@brockport.edu> wrote:
>> Hi everyone,
>> I have several Red Hat 4 and 5 machines authenticating successfully against
>> our LDAP servers.  I used authconfig to configure the clients and everything
>> works great, ssh, vsftp, etc.  However, for some reason, I always see a log
>> entry similar to the following in /var/log/secure, even though the login
>> works:
>>  Apr 10 08:34:27 server1 sshd[30937]: pam_unix(sshd:auth): authentication
>> failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=137.21.80.195
>> user=user1
>>
>> Here are the contents of /etc/nsswitch.conf:
>>  cat /etc/nsswitch.conf | grep -v \#
>>
>>  passwd:     files ldap
>>  shadow:     files ldap
>>  group:      files ldap
>>  hosts:      files dns
>>  bootparams: nisplus [NOTFOUND=return] files
>>  ethers:     files
>>  netmasks:   files
>>  networks:   files
>>  protocols:  files ldap
>>  rpc:        files
>>  services:   files ldap
>>  netgroup:   files ldap
>>  publickey:  nisplus
>>  automount:  files ldap
>>  aliases:    files nisplus
>
> I think we will need the contents of /etc/pam.d/system-auth for anyone to help.

-- 
Aaron Bliss
Systems Administrator
SUNY Brockport
(585) 395-2417