[Bug 329067] Re: Cannot change password on ldap client unless libpam-cracklib also installed
** Changed in: libpam-ldap (Ubuntu) Status: Confirmed = Triaged ** Summary changed: - Cannot change password on ldap client unless libpam-cracklib also installed + Cannot change password on ldap client, need to have 'try_authtok' in the pam config ** Summary changed: - Cannot change password on ldap client, need to have 'try_authtok' in the pam config + Cannot change password on ldap client, need to have 'try_authtok' in the pam config or libpam-cracklib installed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/329067 Title: Cannot change password on ldap client, need to have 'try_authtok' in the pam config or libpam-cracklib installed To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libpam-ldap/+bug/329067/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 329067] Re: Cannot change password on ldap client unless libpam-cracklib also installed
** Bug watch added: Debian Bug tracker #588434 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=588434 ** Also affects: libpam-ldap (Debian) via http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=588434 Importance: Unknown Status: Unknown -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to libpam-ldap in ubuntu. https://bugs.launchpad.net/bugs/329067 Title: Cannot change password on ldap client unless libpam-cracklib also installed -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 329067] Re: Cannot change password on ldap client unless libpam-cracklib also installed
This is what makes it work. I wasn't really sure if it being the right thing, but as others found it is the right thing if you are stacking various authentication methods. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to libpam-ldap in ubuntu. https://bugs.launchpad.net/bugs/329067 Title: Cannot change password on ldap client unless libpam-cracklib also installed -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 329067] Re: Cannot change password on ldap client unless libpam-cracklib also installed
** Changed in: libpam-ldap (Debian) Status: Unknown = New -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to libpam-ldap in ubuntu. https://bugs.launchpad.net/bugs/329067 Title: Cannot change password on ldap client unless libpam-cracklib also installed -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 329067] Re: Cannot change password on ldap client unless libpam-cracklib also installed
** Bug watch added: Debian Bug tracker #588434 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=588434 ** Also affects: libpam-ldap (Debian) via http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=588434 Importance: Unknown Status: Unknown -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/329067 Title: Cannot change password on ldap client unless libpam-cracklib also installed -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 329067] Re: Cannot change password on ldap client unless libpam-cracklib also installed
This is what makes it work. I wasn't really sure if it being the right thing, but as others found it is the right thing if you are stacking various authentication methods. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/329067 Title: Cannot change password on ldap client unless libpam-cracklib also installed -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 329067] Re: Cannot change password on ldap client unless libpam-cracklib also installed
** Changed in: libpam-ldap (Debian) Status: Unknown = New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/329067 Title: Cannot change password on ldap client unless libpam-cracklib also installed -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 329067] Re: Cannot change password on ldap client unless libpam-cracklib also installed
Requiring libpam-cracklib is unnecessary - all that would really need to happen is change pam-auth-update to write /etc/pam.d/common-password with try_authtok instead of use_authtok when it's enabling ldap. (Wiser and more experienced heads than I should test that for other issues but I haven't found any.)Commenting in hopes this gets bumped up the priority list because I was fighting with this for about a week before I had enough information to narrow down the Google results sufficiently. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to libpam-ldap in ubuntu. https://bugs.launchpad.net/bugs/329067 Title: Cannot change password on ldap client unless libpam-cracklib also installed -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 329067] Re: Cannot change password on ldap client unless libpam-cracklib also installed
Requiring libpam-cracklib is unnecessary - all that would really need to happen is change pam-auth-update to write /etc/pam.d/common-password with try_authtok instead of use_authtok when it's enabling ldap. (Wiser and more experienced heads than I should test that for other issues but I haven't found any.)Commenting in hopes this gets bumped up the priority list because I was fighting with this for about a week before I had enough information to narrow down the Google results sufficiently. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/329067 Title: Cannot change password on ldap client unless libpam-cracklib also installed -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 329067] Re: Cannot change password on ldap client unless libpam-cracklib also installed
Still exists in Lucid. Shouldn't be so hard to fix. The simplest (not best) solution would be to add libpam-cracklib to the list of dependencies for libpam-ldap. Is LDAP really a total non-topic for Ubuntu? -- Cannot change password on ldap client unless libpam-cracklib also installed https://bugs.launchpad.net/bugs/329067 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to libpam-ldap in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 329067] Re: Cannot change password on ldap client unless libpam-cracklib also installed
That's not really a viable solution as it introduces other issues. Once libpam-cracklib is installed and activated, creation of accounts that should not require a password prompt (disable login for example) all of a sudden does prompt for a password. -- Cannot change password on ldap client unless libpam-cracklib also installed https://bugs.launchpad.net/bugs/329067 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to libpam-ldap in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 329067] Re: Cannot change password on ldap client unless libpam-cracklib also installed
Still exists in Lucid. Shouldn't be so hard to fix. The simplest (not best) solution would be to add libpam-cracklib to the list of dependencies for libpam-ldap. Is LDAP really a total non-topic for Ubuntu? -- Cannot change password on ldap client unless libpam-cracklib also installed https://bugs.launchpad.net/bugs/329067 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 329067] Re: Cannot change password on ldap client unless libpam-cracklib also installed
That's not really a viable solution as it introduces other issues. Once libpam-cracklib is installed and activated, creation of accounts that should not require a password prompt (disable login for example) all of a sudden does prompt for a password. -- Cannot change password on ldap client unless libpam-cracklib also installed https://bugs.launchpad.net/bugs/329067 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 329067] Re: Cannot change password on ldap client unless libpam-cracklib also installed
I just confirmed this bug still exists on Maverick, with all the same details described above. -- Cannot change password on ldap client unless libpam-cracklib also installed https://bugs.launchpad.net/bugs/329067 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to libpam-ldap in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 329067] Re: Cannot change password on ldap client unless libpam-cracklib also installed
I just confirmed this bug still exists on Maverick, with all the same details described above. -- Cannot change password on ldap client unless libpam-cracklib also installed https://bugs.launchpad.net/bugs/329067 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 329067] Re: Cannot change password on ldap client unless libpam-cracklib also installed
I also just ran into this bug in Lucid. Please fix it. -- Cannot change password on ldap client unless libpam-cracklib also installed https://bugs.launchpad.net/bugs/329067 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to libpam-ldap in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 329067] Re: Cannot change password on ldap client unless libpam-cracklib also installed
What's more, with libpam-cracklib installed, creation of accounts that should have no password (password disabled accounts) still prompt for a password. The prompting for a password on password disabled account creation should probably be filed as a separate bug report, but I wanted to note it here for anyone affected by this bug. -- Cannot change password on ldap client unless libpam-cracklib also installed https://bugs.launchpad.net/bugs/329067 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to libpam-ldap in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 329067] Re: Cannot change password on ldap client unless libpam-cracklib also installed
I also just ran into this bug in Lucid. Please fix it. -- Cannot change password on ldap client unless libpam-cracklib also installed https://bugs.launchpad.net/bugs/329067 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 329067] Re: Cannot change password on ldap client unless libpam-cracklib also installed
What's more, with libpam-cracklib installed, creation of accounts that should have no password (password disabled accounts) still prompt for a password. The prompting for a password on password disabled account creation should probably be filed as a separate bug report, but I wanted to note it here for anyone affected by this bug. -- Cannot change password on ldap client unless libpam-cracklib also installed https://bugs.launchpad.net/bugs/329067 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 329067] Re: Cannot change password on ldap client unless libpam-cracklib also installed
This bug is indeed still present in Lucid. With an account only present in LDAP and the default common-password configuration, I get the following when trying to change the password for the user stored in LDAP: $ sudo passwd testing passwd: Authentication information cannot be recovered passwd: password unchanged Removing only the use_authtok parameter, I get the following: $ sudo passwd testing New password: Re-enter new password: LDAP password information changed for testing passwd: password updated successfully -- Cannot change password on ldap client unless libpam-cracklib also installed https://bugs.launchpad.net/bugs/329067 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to libpam-ldap in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 329067] Re: Cannot change password on ldap client unless libpam-cracklib also installed
This bug is indeed still present in Lucid. With an account only present in LDAP and the default common-password configuration, I get the following when trying to change the password for the user stored in LDAP: $ sudo passwd testing passwd: Authentication information cannot be recovered passwd: password unchanged Removing only the use_authtok parameter, I get the following: $ sudo passwd testing New password: Re-enter new password: LDAP password information changed for testing passwd: password updated successfully -- Cannot change password on ldap client unless libpam-cracklib also installed https://bugs.launchpad.net/bugs/329067 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 329067] Re: Cannot change password on ldap client unless libpam-cracklib also installed
I have the exact same problem in Karmic with the package 184-8ubuntu1. Removing the use_authok does the trick too. I confirm that using the cracklib module hide the problem. So is there a way to definitively fix this to avoid much problem during a security upgrade ? (just in case :). Thanks, Regards, Caeies -- Cannot change password on ldap client unless libpam-cracklib also installed https://bugs.launchpad.net/bugs/329067 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 329067] Re: Cannot change password on ldap client unless libpam-cracklib also installed
I'd like to confirm this bug too with libpam-ldap 184-4.2ubuntu2 on Jaunty. I had the following configuration generated by pam-auth-update: password [success=2 default=ignore] pam_unix.so obscure sha512 password [success=1 user_unknown=ignore default=die] pam_ldap.so use_authtok try_first_pass password requisite pam_deny.so password required pam_permit.so I believe that pam_unix doesn't recognise the account as it's stored in ldap - it has no shadow entry, so doesn't prompt for an authtok (ie new password), then pam_ldap fails because it's trying to use the authtok which has not been set: Enter login(LDAP) password: passwd: Authentication information cannot be recovered passwd: password unchanged Removing the use_authtok therefore also fixes it for me, and also explains why pam_cracklib hides the problem - its higher in the stack and sets the authtok after checking it for strength. Ultimately I guess try_authtok would be the right semantic to work in both situations. -- Cannot change password on ldap client unless libpam-cracklib also installed https://bugs.launchpad.net/bugs/329067 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to libpam-ldap in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 329067] Re: Cannot change password on ldap client unless libpam-cracklib also installed
I'd like to confirm this bug too with libpam-ldap 184-4.2ubuntu2 on Jaunty. I had the following configuration generated by pam-auth-update: password [success=2 default=ignore] pam_unix.so obscure sha512 password [success=1 user_unknown=ignore default=die] pam_ldap.so use_authtok try_first_pass password requisite pam_deny.so password required pam_permit.so I believe that pam_unix doesn't recognise the account as it's stored in ldap - it has no shadow entry, so doesn't prompt for an authtok (ie new password), then pam_ldap fails because it's trying to use the authtok which has not been set: Enter login(LDAP) password: passwd: Authentication information cannot be recovered passwd: password unchanged Removing the use_authtok therefore also fixes it for me, and also explains why pam_cracklib hides the problem - its higher in the stack and sets the authtok after checking it for strength. Ultimately I guess try_authtok would be the right semantic to work in both situations. -- Cannot change password on ldap client unless libpam-cracklib also installed https://bugs.launchpad.net/bugs/329067 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 329067] Re: Cannot change password on ldap client unless libpam-cracklib also installed
Ubuntu 8.10, used pam-auth-update to configure /etc/pam.d/common-*, enabled unix, ldap, consolekit (no kerberos, no cracklib) resulting common-password: # # /etc/pam.d/common-password - password-related modules common to all services # # This file is included from other service-specific PAM config files, # and should contain a list of modules that define the services to be # used to change user passwords. The default is pam_unix. # Explanation of pam_unix options: # # The sha512 option enables salted SHA512 passwords. Without this option, # the default is Unix crypt. Prior releases used the option md5. # # The obscure option replaces the old `OBSCURE_CHECKS_ENAB' option in # login.defs. # # See the pam_unix manpage for other options. # As of pam 1.0.1-5, this file is managed by pam-auth-update by default. # To take advantage of this, it is recommended that you configure any # local modules either before or after the default block, and use # pam-auth-update to manage selection of other modules. See # pam-auth-update(8) for details. # here are the per-package modules (the Primary block) password[success=2 default=ignore] pam_unix.so obscure sha512 password[success=1 user_unknown=ignore default=die] pam_ldap.so use_authtok try_first_pass # here's the fallback if no module succeeds passwordrequisite pam_deny.so # prime the stack with a positive return value if there isn't one already; # this avoids us returning an error just because nothing sets a success code # since the modules above will each just jump around passwordrequiredpam_permit.so # and here are more per-package modules (the Additional block) # end of pam-auth-update config -- Cannot change password on ldap client unless libpam-cracklib also installed https://bugs.launchpad.net/bugs/329067 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to libpam-ldap in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 329067] Re: Cannot change password on ldap client unless libpam-cracklib also installed
This is my /etc/pam.d/common-password after recently running another aptitude upgrade, restoring the problematic line to /etc/pam.d/common- password In this format, if I login as an LDAP user and type passwd, I get the following interaction ste...@apps:~$ passwd Enter login(LDAP) password: passwd: password updated successfully If I now change the line below password[success=1 user_unknown=ignore default=die] pam_ldap.so use_authtok try_first_pass to password[success=1 user_unknown=ignore default=die] pam_ldap.so try_first_pass and then try changing my password again ... ste...@apps:~$ passwd Enter login(LDAP) password: New password: Re-enter new password: LDAP password information changed for stemul passwd: password updated successfully ste...@apps:~$ # # /etc/pam.d/common-password - password-related modules common to all services # # This file is included from other service-specific PAM config files, # and should contain a list of modules that define the services to be # used to change user passwords. The default is pam_unix. # Explanation of pam_unix options: # # The sha512 option enables salted SHA512 passwords. Without this option, # the default is Unix crypt. Prior releases used the option md5. # # The obscure option replaces the old `OBSCURE_CHECKS_ENAB' option in # login.defs. # # See the pam_unix manpage for other options. # As of pam 1.0.1-5, this file is managed by pam-auth-update by default. # To take advantage of this, it is recommended that you configure any # local modules either before or after the default block, and use # pam-auth-update to manage selection of other modules. See # pam-auth-update(8) for details. # here are the per-package modules (the Primary block) password[success=2 default=ignore] pam_unix.so obscure sha512 password[success=1 user_unknown=ignore default=die] pam_ldap.so use_authtok try_first_pass # here's the fallback if no module succeeds passwordrequisite pam_deny.so # prime the stack with a positive return value if there isn't one already; # this avoids us returning an error just because nothing sets a success code # since the modules above will each just jump around passwordrequiredpam_permit.so # and here are more per-package modules (the Additional block) # end of pam-auth-update config ** Changed in: libpam-ldap (Ubuntu) Status: Incomplete = Confirmed -- Cannot change password on ldap client unless libpam-cracklib also installed https://bugs.launchpad.net/bugs/329067 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to libpam-ldap in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 329067] Re: Cannot change password on ldap client unless libpam-cracklib also installed
Ubuntu 8.10, used pam-auth-update to configure /etc/pam.d/common-*, enabled unix, ldap, consolekit (no kerberos, no cracklib) resulting common-password: # # /etc/pam.d/common-password - password-related modules common to all services # # This file is included from other service-specific PAM config files, # and should contain a list of modules that define the services to be # used to change user passwords. The default is pam_unix. # Explanation of pam_unix options: # # The sha512 option enables salted SHA512 passwords. Without this option, # the default is Unix crypt. Prior releases used the option md5. # # The obscure option replaces the old `OBSCURE_CHECKS_ENAB' option in # login.defs. # # See the pam_unix manpage for other options. # As of pam 1.0.1-5, this file is managed by pam-auth-update by default. # To take advantage of this, it is recommended that you configure any # local modules either before or after the default block, and use # pam-auth-update to manage selection of other modules. See # pam-auth-update(8) for details. # here are the per-package modules (the Primary block) password[success=2 default=ignore] pam_unix.so obscure sha512 password[success=1 user_unknown=ignore default=die] pam_ldap.so use_authtok try_first_pass # here's the fallback if no module succeeds passwordrequisite pam_deny.so # prime the stack with a positive return value if there isn't one already; # this avoids us returning an error just because nothing sets a success code # since the modules above will each just jump around passwordrequiredpam_permit.so # and here are more per-package modules (the Additional block) # end of pam-auth-update config -- Cannot change password on ldap client unless libpam-cracklib also installed https://bugs.launchpad.net/bugs/329067 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 329067] Re: Cannot change password on ldap client unless libpam-cracklib also installed
This is my /etc/pam.d/common-password after recently running another aptitude upgrade, restoring the problematic line to /etc/pam.d/common- password In this format, if I login as an LDAP user and type passwd, I get the following interaction ste...@apps:~$ passwd Enter login(LDAP) password: passwd: password updated successfully If I now change the line below password[success=1 user_unknown=ignore default=die] pam_ldap.so use_authtok try_first_pass to password[success=1 user_unknown=ignore default=die] pam_ldap.so try_first_pass and then try changing my password again ... ste...@apps:~$ passwd Enter login(LDAP) password: New password: Re-enter new password: LDAP password information changed for stemul passwd: password updated successfully ste...@apps:~$ # # /etc/pam.d/common-password - password-related modules common to all services # # This file is included from other service-specific PAM config files, # and should contain a list of modules that define the services to be # used to change user passwords. The default is pam_unix. # Explanation of pam_unix options: # # The sha512 option enables salted SHA512 passwords. Without this option, # the default is Unix crypt. Prior releases used the option md5. # # The obscure option replaces the old `OBSCURE_CHECKS_ENAB' option in # login.defs. # # See the pam_unix manpage for other options. # As of pam 1.0.1-5, this file is managed by pam-auth-update by default. # To take advantage of this, it is recommended that you configure any # local modules either before or after the default block, and use # pam-auth-update to manage selection of other modules. See # pam-auth-update(8) for details. # here are the per-package modules (the Primary block) password[success=2 default=ignore] pam_unix.so obscure sha512 password[success=1 user_unknown=ignore default=die] pam_ldap.so use_authtok try_first_pass # here's the fallback if no module succeeds passwordrequisite pam_deny.so # prime the stack with a positive return value if there isn't one already; # this avoids us returning an error just because nothing sets a success code # since the modules above will each just jump around passwordrequiredpam_permit.so # and here are more per-package modules (the Additional block) # end of pam-auth-update config ** Changed in: libpam-ldap (Ubuntu) Status: Incomplete = Confirmed -- Cannot change password on ldap client unless libpam-cracklib also installed https://bugs.launchpad.net/bugs/329067 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 329067] Re: Cannot change password on ldap client unless libpam-cracklib also installed
Hello, Can you please post the full content of your /etc/pam.d/common-password on the affected system? -- Cannot change password on ldap client unless libpam-cracklib also installed https://bugs.launchpad.net/bugs/329067 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to libpam-ldap in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 329067] Re: Cannot change password on ldap client unless libpam-cracklib also installed
** Changed in: libpam-ldap (Ubuntu) Status: New = Incomplete -- Cannot change password on ldap client unless libpam-cracklib also installed https://bugs.launchpad.net/bugs/329067 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to libpam-ldap in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 329067] Re: Cannot change password on ldap client unless libpam-cracklib also installed
Hello, Can you please post the full content of your /etc/pam.d/common-password on the affected system? -- Cannot change password on ldap client unless libpam-cracklib also installed https://bugs.launchpad.net/bugs/329067 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 329067] Re: Cannot change password on ldap client unless libpam-cracklib also installed
** Changed in: libpam-ldap (Ubuntu) Status: New = Incomplete -- Cannot change password on ldap client unless libpam-cracklib also installed https://bugs.launchpad.net/bugs/329067 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 329067] Re: Cannot change password on ldap client unless libpam-cracklib also installed
I can confirm this bug/problem. -- Cannot change password on ldap client unless libpam-cracklib also installed https://bugs.launchpad.net/bugs/329067 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to libpam-ldap in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 329067] Re: Cannot change password on ldap client unless libpam-cracklib also installed
I can confirm this bug/problem. -- Cannot change password on ldap client unless libpam-cracklib also installed https://bugs.launchpad.net/bugs/329067 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs