[Samba] Changing User password from ssh member server

Guilherme Boing kolt+samba at frag.com.br
Thu Oct 8 17:59:26 UTC 2015 

Hi Rowland,

This is a CentOS 6.7 server.
I was able to make some progress. I have edited /etc/pam.d/system-auth, and
now it looks like:

auth        required      pam_env.so
auth        sufficient    pam_unix.so nullok try_first_pass
auth        requisite     pam_succeed_if.so uid >= 500 quiet
auth        sufficient    pam_ldap.so use_first_pass
auth        required      pam_deny.so

account     required      pam_unix.so
account     sufficient    pam_localuser.so
account     sufficient    pam_succeed_if.so uid < 500 quiet
account     [default=bad success=ok user_unknown=ignore] pam_ldap.so
account     required      pam_permit.so

password    requisite     pam_cracklib.so try_first_pass retry=3 type=
password    sufficient    pam_unix.so sha512 shadow nullok try_first_pass
password    sufficient    pam_ldap.so use_authtok
password    required      pam_deny.so

session     optional      pam_keyinit.so revoke
session     required      pam_limits.so
session     [success=1 default=ignore] pam_succeed_if.so service in crond
quiet use_uid
session     optional      pam_ldap.so
session     required      pam_mkhomedir.so skel=/etc/skel umask=0022
session     required      pam_unix.so

Now passwd works, but not really:
[Guilherme at server ~]$ passwd
Changing password for user Guilherme.
Enter login(LDAP) password:
New password:
Retype new password:
LDAP password information changed for Guilherme
passwd: all authentication tokens updated successfully.

After that, I have logged out and logged in with the same old password. The
password didn't seem to update.


On Thu, Oct 8, 2015 at 2:47 PM, Rowland Penny <rowlandpenny241155 at gmail.com>
wrote:

> On 08/10/15 18:38, Guilherme Boing wrote:
>
>> Hi,
>>
>> I am authenticating users on our linux servers using nslcd/pam_ldap.
>> Authentication is fine, however, it is not possible for the user to change
>> the password from the server.
>>
>> Is there a way to make it work ?
>>
>> [Guilherme at server ~]$ passwd
>> Changing password for user Guilherme.
>> passwd: Authentication token manipulation error
>>
>> Oct  8 14:37:53 server passwd: pam_unix(passwd:chauthtok): user
>> "Guilherme"
>> does not exist in /etc/passwd
>>
>
> What sort of Linux server?
>
> Rowland
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>

More information about the samba mailing list