Ok, I've tried to convince myself that it's me that's the problem but unfortunately I cannot "undo" what I've done.

Novell OES Linux Linux 2.6.5-7.151-default i686, SUSE LINUX Enterprise Server 9 (i586)
Novell Remote Managaer

I'm toying around with local logins to the linux box with eDir/LDAP authentication. I have been able to log in as myself (an admin to the tree via group membership which has S to the tree) and as the 'default admin account'.

I wanted to see what the interface would look like as a regular user but was unsuccessful in logging in. The web login prompted me with "Login Error! Username or Password invalid. Please try again."

OK, so I tried a different user. Same problem. Just for fun I made one of the users a member of the Administrator group (again, Administrator group has S privs to the entire tree). Magically, the user was able to log into the NRM interface. "Cool" I thought, regular users cannot even access the NRM screen. I then took the user out of the Administrator group, waited for eDir to sync (about five seconds as verified by an 'iptraf' screen), logged the user out of NRM and tried to log back in. To my suprise, the user can log in and more importantly can delete ANY file from ANY partition on the linux box?

WTH? Seems the S rights to the box haven't been removed! I verified this behavior with other users and they get permanently elevated privs. Hopefully this is a bug that can be fixed!?

Thanks, Brian