I changed common-password to be identical to what it is on another machine that doesn't have sssd installed, and everything works now. That involved deleting the sssd line, as well as some pam_unix options. Seems like this ought to be done when SSSD is removed. In any event, SSSD is still blocking local password changes in 13.04, even for the root account.
-- You received this bug notification because you are a member of Tieto, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/957486 Title: Cannot change a local user's password when sssd is enabled Status in “sssd” package in Ubuntu: Fix Released Bug description: Ubuntu 11.10 system. I have sssd set up. Using pam-auth-update I enable both sssd and Unix style authentication. The sssd uses LDAP only for user account lookup. Users defined in sssd can change passwords OK, however, local user accounts cannot, e.g. when logged in as a local user (btmiller): btmiller@hostname:~$ passwd Current Password: New Password: Reenter new Password: passwd: Authentication token manipulation error passwd: password unchange The following appears in /var/log/auth.log: Mar 16 18:18:05 hostname passwd[20544]: pam_sss(passwd:chauthtok): Authentication failed for user btmiller: 10 (User not known to the underlying authentication module) Mar 16 18:18:10 hostname passwd[20544]: pam_sss(passwd:chauthtok): Password change failed for user btmiller: 10 (User not known to the underlying authentication module) It looks like PAM has been set up to call pam_sss for ALL password changes, regardless of whether the user is local or has been defined through sss. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/sssd/+bug/957486/+subscriptions -- Mailing list: https://launchpad.net/~tieto Post to : [email protected] Unsubscribe : https://launchpad.net/~tieto More help : https://help.launchpad.net/ListHelp
