Issue #1882: sssd password change does not work for a newly create IPA user - sssd

SSSD / sssd

#1882 sssd password change does not work for a newly create IPA user

Closed: Invalid None Opened 10 years ago by jhrozek.

Ticket was cloned from Red Hat Bugzilla (product Fedora): Bug 953116

Description of problem:
The password cannot be changed for a new IPA user.

Version-Release number of selected component (if applicable):
sssd-1.10.0-1.fc19.alpha1

How reproducible:
always

Steps to Reproduce:
1. Create an user
$ kinit admin
...
$ ipa user-add ipauser --first ipa --last user --password
2. Try to login
$ su - ipauser
Password:
Password expired. Change your password now.
su: Authentication token manipulation error
3./var/log/secure:
Apr 17 13:56:55 f19 su: pam_unix(su-l:auth): authentication failure;
logname=root uid=1000 euid=0 tty=pts/0 ruser=test rhost=  user=aaa
Apr 17 13:56:56 f19 su: pam_sss(su-l:auth): authentication failure;
logname=root uid=1000 euid=0 tty=pts/0 ruser=test rhost= user=aaa
Apr 17 13:56:56 f19 su: pam_sss(su-l:auth): received for user aaa: 12
(Authentication token is no longer valid; new one required)
Apr 17 13:56:56 f19 su: pam_sss(su-l:account): User info message: Password
expired. Change your password now.
Apr 17 13:56:56 f19 su: pam_unix(su-l:chauthtok): user "aaa" does not exist in
/etc/passwd
Apr 17 13:56:56 f19 su: pam_sss(su-l:chauthtok): Authentication failed for user
aaa: 15 (Authentication service cannot retrieve user credentials)



Actual results:


Expected results:


Additional info:

jhrozek commented 10 years ago

This turned out to be PAM configuration issue - see https://bugzilla.redhat.com/show_bug.cgi?id=953116#c3

Sorry for the noise.

blockedby: =>
blocking: =>
coverity: =>
design: =>
design_review: => 0
feature_milestone: =>
fedora_test_page: =>
review: True => 0
selected: =>
testsupdated: => 0

jhrozek commented 10 years ago

Fields changed

resolution: => invalid
status: new => closed

Metadata Update from @jhrozek:
- Issue set to the milestone: NEEDS_TRIAGE

6 years ago

pbrezina commented 3 years ago

SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/SSSD/sssd/issues/2924

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Metadata

Assignee

None

Tags

None

Blocking

None

Depending on

None

Priority

major

Milestone

NEEDS_TRIAGE

type

defect

component

SSSD

version

None

selected

None

testsupdated

patch

rhbz

https://bugzilla.redhat.com/show_bug.cgi?id=953116

design_review

review

changelog

None

keywords

None

coverity

None

mark

None

blocking

None

design

None

sensitive

None

blockedby

None

feature_milestone

None

SSSD / sssd

Source Code

Documentation

#1882 sssd password change does not work for a newly create IPA user Closed: Invalid None Opened 10 years ago by jhrozek.

Metadata

#1882 sssd password change does not work for a newly create IPA user

Closed: Invalid None Opened 10 years ago by jhrozek.