[Bug 329067] [NEW] Cannot change password on ldap client unless libpam-cracklib also installed

[stephen mulcahy]

Public bug reported:

Binary package hint: libpam-ldap

I have a working LDAP client config using libnss-ldapd and libpam-ldap.

I can login to the system using any valid LDAP user.

However, when I attempt to change the password using 'passwd', the
following occurs

stemul at dev:~$ passwd
Enter login(LDAP) password:
passwd: password updated successfully
stemul at dev:~$

The command returns without ever giving me the chance to change the
password (although it does require the correct password to even get this
far).

Some Googling suggested removing use_authtok from vi /etc/pam.d/common-
password changing the line

password        [success=1 user_unknown=ignore default=die]
pam_ldap.so use_authtok try_first_pass

to

password        [success=1 user_unknown=ignore default=die]
pam_ldap.so try_first_pass

After doing this, I can now change my password using passwd.

It looks like use_authtok only makes sense in common-password if you
have installed libpam-cracklib or similar - is that correct?

Thanks

** Affects: libpam-ldap (Ubuntu)
     Importance: Undecided
         Status: New

-- 
Cannot change password on ldap client unless libpam-cracklib also installed
https://bugs.launchpad.net/bugs/329067
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs at lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs