Issue #985: Improve error messages returning (3, 4, <NULL>) [Internal Error (System error)] - sssd

SSSD / sssd

#985 Improve error messages returning (3, 4, <NULL>) [Internal Error (System error)]

Closed: Fixed None Opened 12 years ago by kaushikub.

A similar issue was fixed by sumit in #982

Try to change password of a user in openldap server with ppolicy set("pwdInHistory: 6" and use the password used within the last 6 times):

# ssh -l ppuser1 localhost
ppuser1@localhost's password: 
Your password has expired. You have 3 grace login(s) remaining.
Last login: Tue Aug 30 15:33:40 2011 from localhost
Could not chdir to home directory /home/ppuser1: No such file or directory
id: cannot find name for group ID 564675
-sh-4.1$ passwd
Changing password for user ppuser1.
Current Password: 
New password: 
Retype new password: 
passwd: Authentication token manipulation error
-sh-4.1$

log shows error message:
[sssd[be[LDAP]]] [be_pam_handler_callback] (4): Backend returned: (3, 4, <NULL>) [Internal Error (System error)]

/var/log/sssd/sssd_LDAP.log snipped:

<snip>

(Wed Aug 31 07:55:42 2011) [sssd[be[LDAP]]] [simple_bind_done] (9): Server returned control [1.3.6.1.4.1.42.2.27.8.5.1].
(Wed Aug 31 07:55:42 2011) [sssd[be[LDAP]]] [simple_bind_done] (7): Password Policy Response: expire [-1] grace [1] error [No error].
(Wed Aug 31 07:55:42 2011) [sssd[be[LDAP]]] [simple_bind_done] (4): Password expired. [1] grace logins remaining.
(Wed Aug 31 07:55:42 2011) [sssd[be[LDAP]]] [simple_bind_done] (3): Bind result: Success(0), (null)
(Wed Aug 31 07:55:42 2011) [sssd[be[LDAP]]] [auth_bind_user_done] (9): Found ppolicy data, assuming LDAP password policies are active.
(Wed Aug 31 07:55:42 2011) [sssd[be[LDAP]]] [sdap_auth4chpass_done] (7): user [uid=ppuser1,dc=example,dc=com] successfully authenticated.
(Wed Aug 31 07:55:42 2011) [sssd[be[LDAP]]] [sdap_control_create] (3): Server does not support the requested control [1.3.6.1.4.1.42.2.27.8.5.1].
(Wed Aug 31 07:55:42 2011) [sssd[be[LDAP]]] [sdap_exop_modify_passwd_send] (4): Executing extended operation
(Wed Aug 31 07:55:42 2011) [sssd[be[LDAP]]] [sdap_exop_modify_passwd_send] (8): ldap_extended_operation sent, msgid = 3
(Wed Aug 31 07:55:42 2011) [sssd[be[LDAP]]] [sdap_process_result] (8): Trace: sh[0xccb740], connected[1], ops[0xd74510], ldap[0xd85030]
(Wed Aug 31 07:55:42 2011) [sssd[be[LDAP]]] [sdap_process_result] (8): Trace: ldap_result found nothing!
(Wed Aug 31 07:55:42 2011) [sssd[be[LDAP]]] [sdap_process_result] (8): Trace: sh[0xccb740], connected[1], ops[0xd74510], ldap[0xd85030]
(Wed Aug 31 07:55:42 2011) [sssd[be[LDAP]]] [sdap_exop_modify_passwd_done] (5): Server returned no controls.
(Wed Aug 31 07:55:42 2011) [sssd[be[LDAP]]] [sdap_exop_modify_passwd_done] (3): ldap_extended_operation result: Constraint violation(19), Password is in history of old passwords
(Wed Aug 31 07:55:42 2011) [sssd[be[LDAP]]] [be_pam_handler_callback] (4): Backend returned: (3, 4, <NULL>) [Internal Error (System error)]
(Wed Aug 31 07:55:42 2011) [sssd[be[LDAP]]] [be_pam_handler_callback] (4): Sending result [4][LDAP]
(Wed Aug 31 07:55:42 2011) [sssd[be[LDAP]]] [be_pam_handler_callback] (4): Sent result [4][LDAP]
(Wed Aug 31 07:55:42 2011) [sssd[be[LDAP]]] [sdap_handle_release] (8): Trace: sh[0xccb740], connected[1], ops[(nil)], ldap[0xd85030], destructor_lock[0], release_memory[0]
(Wed Aug 31 07:55:42 2011) [sssd[be[LDAP]]] [remove_connection_callback] (9): Successfully removed connection callback.

</snip>