Public bug reported: Binary package hint: samba
I've been doing these tests on Karmic using the Lucid winbind pam- config. When trying to change the user's password using the Lucid winbind pam- config, I get the following: $ passwd passwd: Authentication token manipulation error passwd: password unchanged I've attached a patch for the winbind pam-config which at least recognizes the username, but I still get the following error: $ passwd Changing password for EXAMPLE\user (current) NT password: passwd: Authentication token manipulation error passwd: password unchanged Some more details about the diff patch: 1. For the auth module, I've changed 'try_first_pass' to 'use_first_pass' so that it insists that the credentials used for authentication are the ones initially entered by the user. Whether that's a good thing or not, I have no idea. 'try_first_pass' might be a better idea if there is a chance that the username exists in both /etc/passwd and active directory but have different passwords. 2. I've changed the 'Password-Type' from 'Additional' to 'Primary'. With the 'Additional' setting, any failure in pam_unix.so (e.g. user does not exist in /etc/passwd) means that pam_deny.so is the next module so pam_winbind.so is never executed. For both 'Password' and 'Password- Initial', I've changed the control from 'requisite' to '[success=end default=ignore]' so that it stacks properly with any other module that may also be in use. 3. I've added pam_mkhomedir.so as an optional module in the session type since it uses /etc/skel while the 'mkhomedir' argument for pam_winbind.so does not. Again, whether this is a good thing or not, I have no idea. P.S. Apologies if the diff patch contains more than that which is relevant with this issue. ** Affects: samba (Ubuntu) Importance: Undecided Status: New -- cannot change password of AD user when using pam_winbind https://bugs.launchpad.net/bugs/556285 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to samba in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs