[Samba] samba AD: using passwd on linux to change PW

Dr. Peer-Joachim Koch pkoch at bgc-jena.mpg.de
Wed Jan 3 13:49:51 UTC 2018


a short question about changing passwords. Our linux login server is 
using winbind
for authentication. Everything is working well, but changing the 
password for a user
does not work. We see the following error:

Changing password for USER
(current) NT password:
passwd: Authentication token manipulation error
passwd: password unchanged


pam_winbind(sshd:auth): getting password (0x00000388)
Jan  3 14:41:36 HOSTNAME sshd[4355]: pam_winbind(sshd:auth): 
pam_get_item returned a password
Jan  3 14:41:36 HOSTNAME sshd[4355]: pam_winbind(sshd:auth): request 
wbcLogonUser failed: WBC_ERR_AUTH_ERROR, PAM error: PAM_USER_UNKNOWN 
(10), NTSTATUS: NT_STATUS_NO_SUCH_USER, Error message was: The specified 
account does not exist.

Login is working fine, also the groups are all correct.

Maybe something in the pam-config has to be changed ?

Where can I find some description to setup the system that every user 
can execute passwd ?

System Debian 9.3 using winbind against Samba AD.


Max-Planck-Institut für Biogeochemie
Dr. Peer-Joachim Koch
Hans-Knöll Str.10            Telefon: ++49 3641 57-6705
D-07745 Jena                 Telefax: ++49 3641 57-7705

More information about the samba mailing list