On Fri, 2011-02-11 at 15:04 +0000, Alex Cartwright wrote: > When trying to change a user account password using "chpasswd" that is stored > in > LDAP it fails, where as changing it with "passwd" works just fine. > > $ echo "foobar:qwerty" | sudo chpasswd > chpasswd: (user foobar) pam_chauthtok() failed, error: > Authentication token manipulation error > chpasswd: (line 1, user foobar) password not changed
Could you include the information from the PAM module
(from /var/log/auth.log) and nslcd (/var/log/syslog)?
For libpam-ldapd there are basically two different modes for changing a
password:
- by the user: for this you need the old and the new password
- by the system administrator: for this you need the administrator
password that matches the rootpwmoddn option (and the new password)
With nss-pam-ldapd 0.8 and there is also a rootpwmodpw option to allow
changing a password by the administrator without prompting for the
administrator password.
--
-- arthur - adej...@debian.org - http://people.debian.org/~adejong --
signature.asc
Description: This is a digitally signed message part
