Learn more about these different git repos.
Other Git URLs
https://bugzilla.redhat.com/show_bug.cgi?id=870238 (Red Hat Enterprise Linux 6)
Description of problem: I can't seem to change an AD Trusted User's Password from an IPA client. If I setup a trust on IPA env to AD domain, I would expect to be able to change passwords. Version-Release number of selected component (if applicable): [root@rhel6-1 ~]# rpm -q ipa-server-trust-ad ipa-server-trust-ad-3.0.0-105.20121019T0244zgita5684b0.el6.x86_64 [root@rhel6-1 ~]# rpm -q ipa-server ipa-server-3.0.0-105.20121019T0244zgita5684b0.el6.x86_64 -sh-4.1$ passwd Changing password for user adtestuser5@adtestdom.com. Current Password: passwd: Authentication token manipulation error -sh-4.1$ exit logout Connection to rhel6-1.testrelm.com closed. [root@rhel6-1 ~]# tail -3 /var/log/secure Oct 25 17:22:28 rhel6-1 passwd: pam_unix(passwd:chauthtok): user "adtestuser5@adtestdom.com" does not exist in /etc/passwd Oct 25 17:22:32 rhel6-1 passwd: pam_sss(passwd:chauthtok): Authentication failed for user adtestuser5@adtestdom.com: 4 (System error) Oct 25 17:23:36 rhel6-1 sshd[11248]: pam_unix(sshd:session): session closed for user adtestuser5@adtestdom.com [root@rhel6-1 ~]# kinit Administrator@ADTESTDOM.COM Password for Administrator@ADTESTDOM.COM: [root@rhel6-1 ~]# passwd adtestuser5@adtestdom.com Changing password for user adtestuser5@adtestdom.com. passwd: Authentication token manipulation error [root@rhel6-1 ~]# passwd adtestuser5@ADTESTDOM.COM Changing password for user adtestuser5@ADTESTDOM.COM. passwd: Authentication token manipulation error How reproducible: always as far as I can tell. Steps to Reproduce: 1. Setup IPA Master 2. Setup AD Server 3. Setup trust with ipa-adtrust-install; ipa trust-add 4. Log in as AD user on IPA client (can be master) 5. run passwd to try to change the user's password. Actual results: password change fails Expected results: password change succeeds. Additional info:
Fields changed
blockedby: => blocking: => coverity: => design: => design_review: => 0 feature_milestone: => fedora_test_page: => owner: somebody => sbose status: new => assigned testsupdated: => 0
patch: 0 => 1
milestone: SSSD 1.9.4 => SSSD 1.9.3
Fixed in master: - 9459006 - ba098f8 - 6ef6612 and sssd-1-9: - 0d20b3f - 8fd7d4b - cfed272 - d2386d8
resolution: => fixed status: assigned => closed
Metadata Update from @dpal: - Issue assigned to sbose - Issue set to the milestone: SSSD 1.9.3
SSSD is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here: - https://github.com/SSSD/sssd/issues/2657
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Login to comment on this ticket.