Ah, thank you, I missed that
On Wed, Jan 9, 2019, 18:34 Mathieu Parent <570...@bugs.launchpad.net
wrote:
> It is. Closed by me:
>
> samba (2:4.9.1+dfsg-2) unstable; urgency=medium
> [ Mathieu Parent ]
> * Allow one to change password via passwd in default config
> - third_party: Update
I don't know why that samba upload closed this bug: #570944 is nowhere
in d/changelog.
** Changed in: samba (Ubuntu)
Status: Fix Released => Triaged
--
You received this bug notification because you are a member of Ubuntu
Server, which is subscribed to the bug report.
As suggested by gmoore777 removing use_authtok allowed me to go on with
password changing
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to samba in Ubuntu.
https://bugs.launchpad.net/bugs/570944
Title:
passwd : gives Authentication
I forgot to say i'm on precise with latest updates
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to samba in Ubuntu.
https://bugs.launchpad.net/bugs/570944
Title:
passwd : gives Authentication token manipulation error
To manage
Here is my solution:
1) copy winbind winbind-noauthtok unix-noauthtok files from attachments
to /usr/share/pam-configs/ (with overwrite)
2) copy pam_winbind.conf from attachment to /etc/security/
3) run pam-auth-update and check Unix authentication (no use_authtok)
Winbind NT/Active Directory
** Attachment added: winbind-noauthtok
https://bugs.launchpad.net/ubuntu/+source/samba/+bug/570944/+attachment/2391120/+files/winbind-noauthtok
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to samba in Ubuntu.
** Attachment added: unix-noauthtok
https://bugs.launchpad.net/ubuntu/+source/samba/+bug/570944/+attachment/2391121/+files/unix-noauthtok
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to samba in Ubuntu.
** Attachment added: pam_winbind.conf
https://bugs.launchpad.net/ubuntu/+source/samba/+bug/570944/+attachment/2391122/+files/pam_winbind.conf
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to samba in Ubuntu.
Oh, about offtopic - forget about it. Now I see - there is Session-
Interactive-Only: yes option.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to samba in Ubuntu.
https://bugs.launchpad.net/bugs/570944
Title:
passwd : gives
Right. We clearly don't want to introduce new failures when we fix a specific
combination :)
In the mean time, users affected by this issue can workaround it by following
comment 10.
--
passwd : gives Authentication token manipulation error
https://bugs.launchpad.net/bugs/570944
You received
I'd like a second pair of PAM eyes before making that change.
--
passwd : gives Authentication token manipulation error
https://bugs.launchpad.net/bugs/570944
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to samba in ubuntu.
--
This is a tricky one. Dropping use_authtok does solve the problem of
pam_unix not prompting for the password, but it also changes the
behavior in the case that you have a password strength checking module
stacked first, such as pam_cracklib. If pam_cracklib is configured, we
don't want
OK, I misread use_authtok. It will *not* prompt for a new password if
none has been set by the previous module in stack. Since pam_unix
doesn't prompt for a new password (due to user DOMAIN\first.last does
not exist in /etc/passwd), pam_winbind has nothing to use and fails.
Looks like we should
I have interleaved the information, removed the timestamps and
substituted DOMAIN\first.last for the actual:
$ passwd
Changing password for DOMAIN\first.last
passwd[30381]: pam_unix(passwd:chauthtok): user DOMAIN\first.last
does not exist in /etc/passwd
passwd[30381]:
FYI:
I can get `passwd` to work if I change one line in common-password
From the winbind default-configured line of:
password [success=1 default=ignore] pam_winbind.so use_authtok
try_first_pass
To:
password [success=1 default=ignore] pam_winbind.so try_first_pass
So looks like just the
FYI:
I can get `passwd` to work if I change the line in common-password
From:
password [success=1 default=ignore] pam_winbind.so use_authtok
try_first_pass
To:
password sufficient pam_winbind.so
I'm not sure if I'm creating other problems with the above edit, since
I'm
** Changed in: samba (Ubuntu)
Status: Incomplete = Confirmed
--
passwd : gives Authentication token manipulation error
https://bugs.launchpad.net/bugs/570944
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to samba in ubuntu.
--
Is this what you need?
$ cd /etc/pam.d
$ cat common-auth common-session-noninteractive common-session common-password
common-account | grep -v ^#
auth[success=2 default=ignore] pam_unix.so nullok_secure
auth[success=1 default=ignore] pam_winbind.so krb5_auth
Note that likewise 5.x doesn't add another layer on top of
samba/winbind, it's a complete reimplementation. It's also simpler to
set up, and since in your case something must be wrong with the winbind
setup, it might help you...
Could you attach your winbind configuration ?
--
passwd : gives
i am not using likewise-open on Lucid cause likewise-open no longer supports
setting up Samba shares with ActiveDirectory integration.
Meaning from a Windows machine, I cannot access \\linuxmachinename\sharename
and this
is important to our Windows/Linux workplace.
(And I no longer see the
Probably an issue with the winbind configuration... Any reason why
you're not using likewise-open in lucid as well ?
--
passwd : gives Authentication token manipulation error
https://bugs.launchpad.net/bugs/570944
You received this bug notification because you are a member of Ubuntu
Server Team,
Correct, `passwd` works with likewise-open on hardy, and fails with winbind on
lucid.
I do not know what the outcome of `passwd` is on hardy without likewise-open,
nor
the outcome of `passwd` on lucid with likewise-open.
I will ask this on the Lucid forum at
Thanks for your input. Did it ever work on previous releases ?
** Changed in: samba (Ubuntu)
Importance: Undecided = Medium
** Changed in: samba (Ubuntu)
Status: New = Incomplete
--
passwd : gives Authentication token manipulation error
https://bugs.launchpad.net/bugs/570944
You
Yes it works on HardyHeron.
I used likewise-open to faciitate the ActiveDirectory integration on HardyHeron,
rather than just the native samba/winbind integration on LucidLynx.
But that may have nothing to do with it, but is worthy of mentioning.
--
passwd : gives Authentication token
24 matches
Mail list logo