Ah, thank you, I missed that On Wed, Jan 9, 2019, 18:34 Mathieu Parent <[email protected] wrote:
> It is. Closed by me: > > samba (2:4.9.1+dfsg-2) unstable; urgency=medium > [ Mathieu Parent ] > * Allow one to change password via passwd in default config > - third_party: Update pam_wrapper to version 1.0.7 > - third_party: Add pam_set_items.so from pam_wrapper > - nsswitch: Add try_authtok option to pam_winbind > - tests: Check pam_winbind pw change with different options > - Patch for previous 4 commits > - debian/winbind.pam-config: Use the new try_authtok option allowing > password change while preserving current behavior with password strength > modules (Closes: #858923, LP: #570944) > > -- > You received this bug notification because you are subscribed to samba > in Ubuntu. > https://bugs.launchpad.net/bugs/570944 > > Title: > passwd : gives "Authentication token manipulation error" > > Status in samba package in Ubuntu: > Triaged > > Bug description: > Binary package hint: samba > > `passwd` for ActiveDirectory account gives "Authentication token > manipulation error" > > I have latest and greatest of LucidLynx updates. > > winbind 2:3.4.7~dfsg-1ubuntu3 > samba 2:3.4.7~dfsg-1ubuntu3 > > I have ActiveDirectory integration with Samba/Winbind. (not > Likewise-Open) > Logging into Console window or `ssh`-ing into machine works fine using > DOMAIN\first.last account names. > > Trying to change password with the `passwd` program: > > $ passwd > Changing password for DOMAIN\first.last > (current) NT password: > passwd: Authentication token manipulation error > passwd: password unchanged > $ > > In the /var/log/auth.log file I get this output in conjunction with > the above passwd attempt: > > pam_unix(passwd:chauthtok): user "DOMAIN\first.last" does not exist in > /etc/passwd > passwd[16109]: pam_winbind(passwd:chauthtok): getting password > (0x0000002a) > > passwd[16109]: pam_winbind(passwd:chauthtok): user 'DOMAIN\first.last' > granted access > passwd[16109]: pam_unix(passwd:chauthtok): user "DOMAIN\first.last" does > not exist in /etc/passwd > passwd[16109]: pam_winbind(passwd:chauthtok): getting password > (0x00000012) > > I don't see anything particularly wrong with that output, other > than it seems to stop prematurely. > > This is my default-created /etc/pam.d/common-password file: > > password [success=2 default=ignore] pam_unix.so obscure sha512 > password [success=1 default=ignore] pam_winbind.so use_authtok > try_first_pass > password requisite pam_deny.so > password required pam_permit.so > password optional pam_gnome_keyring.so > > I've Googled for "Authentication token manipulation error", but most > cases involve local Linux accounts or other uninteresting problems. > > I don't think any entries in smb.conf have an effect on passwd, but > here's a snippet of entries with the word "pass" or "encrypt" in them: > > password server = machine.domain.com > encrypt passwords = true > passdb backend = tdbsam > unix password sync = yes > passwd program = /usr/bin/passwd %u > passwd chat = *Enter\snew\s*\spassword:* %n\n > *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* . > pam password change = yes > encrypt passwords = true > > > I can successfully change password, using `passwd` for a local Linux > account. > > $ passwd > Changing password for localAccount. > (current) UNIX password: > Enter new UNIX password: > Retype new UNIX password: > passwd: password updated successfully > $ > > To manage notifications about this bug go to: > https://bugs.launchpad.net/ubuntu/+source/samba/+bug/570944/+subscriptions > > Launchpad-Notification-Type: bug > Launchpad-Bug: distribution=ubuntu; sourcepackage=samba; component=main; > status=Triaged; importance=Medium; assignee=None; > Launchpad-Bug-Information-Type: Public > Launchpad-Bug-Private: no > Launchpad-Bug-Security-Vulnerability: no > Launchpad-Bug-Commenters: ahasenack gasinvein guy-moore janitor > lorenzetto-luca math-parent nacc ttx urusha vorlon > Launchpad-Bug-Reporter: gmoore777 (guy-moore) > Launchpad-Bug-Modifier: Mathieu Parent (math-parent) > Launchpad-Message-Rationale: Subscriber (samba in Ubuntu) > Launchpad-Message-For: ahasenack > -- You received this bug notification because you are a member of Ubuntu Server, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/570944 Title: passwd : gives "Authentication token manipulation error" To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/samba/+bug/570944/+subscriptions -- Ubuntu-server-bugs mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
