-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 do you get the same response when you SSH into that box as root? if not, it might be a SUDOers issue. if you do, then i would check and diff the pam config files against a working server. also, check nsswitch.conf - make sure it is configured just like your other servers. Jon Schewe wrote: > I have a set of systems using Kerberos+LDAP for authentication. They are > all running OpenSuse 11.0, with one at 11.1. One of the 11.0 systems is > allowing users to su to root without a password. If I su and type in a > password (even the right one), I get a failure. If I just hit return for > the password, then I'm root. I checked and the password is set for root. > Root is not in kerberos nor LDAP. Any ideas? My other systems are > working correctly. > -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iEYEARECAAYFAknBkmIACgkQvE9HrEfeE4fyHACgzSaSDv3+S2FlgcDorGLBh7lf QU0AoKscj1tZhGJ/t24TdFPqko0dhbXS =CMDP -----END PGP SIGNATURE-----