tieto team mailing list archive

Thread
Date

[Bug 957486] [NEW] Cannot change a local user's password when sssd is enabled

To: tieto@xxxxxxxxxxxxxxxxxxx
From: Launchpad Bug Tracker <957486@xxxxxxxxxxxxxxxxxx>
Date: Mon, 07 Jan 2013 11:50:05 -0000
Reply-to: Bug 957486 <957486@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

You have been subscribed to a public bug by Ove Risberg (ove-risberg):

Ubuntu 11.10 system. I have sssd set up. Using pam-auth-update I enable
both sssd and Unix style authentication. The sssd uses LDAP only for
user account lookup. Users defined in sssd can change passwords OK,
however, local user accounts cannot, e.g. when logged in as a local user
(btmiller):

btmiller@hostname:~$ passwd
Current Password: 
New Password: 
Reenter new Password: 
passwd: Authentication token manipulation error
passwd: password unchange

The following appears in /var/log/auth.log:


Mar 16 18:18:05 hostname passwd[20544]: pam_sss(passwd:chauthtok): Authentication failed for user btmiller: 10 (User not known to the underlying authentication module)
Mar 16 18:18:10 hostname passwd[20544]: pam_sss(passwd:chauthtok): Password change failed for user btmiller: 10 (User not known to the underlying authentication module)

It looks like PAM has been set up to call pam_sss for ALL password
changes, regardless of whether the user is local or has been defined
through sss.

** Affects: sssd (Ubuntu)
     Importance: Medium
     Assignee: Timo Aaltonen (tjaalton)
         Status: Fix Released

-- 
Cannot change a local user's password when sssd is enabled
https://bugs.launchpad.net/bugs/957486
You received this bug notification because you are a member of Tieto, which is subscribed to the bug report.