I found myself unable to activate the crontab for non-root users on the new Exadata server that was recently installed.

$ crontab -e
You (oracle) are not allowed to use this program (crontab)
See crontab(1) for more information

I checked the usual suspects /etc/cron.allow and /etc/cron.deny and they were all configured correctly. I spent a further half hour or so messing around with /etc/security/access and pam_access in cron.

Had Oracle simply disabled cron entirely on their Exadata machine? That would be unusual but not entirely unfeasable. Oracle often do stupid shit like that.

A search through the Oracle knowledgebase eventually turned up a solution as to why users could not use crontab:

The stickysetuid bit was not set on /usr/bin/crontab, so no non-root user could execute the command.
A quick chmod +s /usr/bin/crontab sorted it all out.