After a customer had performed some bad edits on various LDAP configuration files, users were locked out and unable to access the system. Root could still login however.
I logged in as root, and rather than mess with various config files, eg under /etc/pam.d, ran this command to disable LDAP authentication and enable “normal” authentication using /etc/shadow: