If I create a crontab (following the aforementioned RedHat Bugzilla report) for an LDAP user on an LDAP client which reads
*/1 * * * * /bin/mail -s "cron test" user@domain
crond dies.
If I do the same I get two emails every minute, one with subject "cron test", and another with the STDOUT of the cron entry saying "Null message body; hope that's ok". Both show up clearly as outgoing messages in /var/log/maillog.
I'm getting a little baffled too, but I'm still confident we can figure out what's going on at your end.
Let's start by making sure we're on the same FC1 page...
sendmail-8.12.10-1.1.1 nss_ldap-207-3 at-3.1.8-46.1 vixie-cron-3.0.1-76 openldap-clients-2.1.22-8 openldap-2.1.22-8
And that we're talking about the same basic configuration... 1) remote LDAP server with objectClass: posixaccount entries 2) local /etc/nsswitch.conf has passwd: files ldap group: files ldap (or similar) 3) local /etc/pam.d/system-auth uses pam_ldap.so (verified) 4) /etc/ldap.conf has something like host ldap.domain.com base dc=domain,dc=com pam_filter objectclass=posixAccount nss_base_passwd ou=People,dc=domain,dc=com?one nss_base_shadow ou=People,dc=domain,dc=com?one nss_base_group ou=Groups,dc=domain,dc=com?one ssl start_tls
I'd expect cron and sendmail to be more concerned with NSS than PAM, in general, since they'll want to look up who you are, but shouldn't be doing any actual authentication of their own.
Does 'finger ldap_user' list the correct information?
If not it's definately nss_ldap related... possibly due to an incorrect ssl setting (I think the default may have changed at some point) or an unhappy nscd.
