LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   How to Change Password of Domain User on Ubuntu Box (https://www.linuxquestions.org/questions/linux-newbie-8/how-to-change-password-of-domain-user-on-ubuntu-box-648208/)

darknight1726 06-10-2008 02:22 AM

How to Change Password of Domain User on Ubuntu Box
 
Hi to All,

I have created a Linux Box (Ubuntu) where domain users of Active Directory can log in. I have successfully login the domain accounts and I'm trying to change password of a domain user.

DOMAIN\admin@sampledesktop:~$ passwd
passwd: User not known to the underlying authentication module
passwd: password unchanged

Please see below some PAM config.

/etc/pam.d/common-password:
password requisite pam_unix.so nullok obscure md5
password required pam_smbpass.so nullok use_authtok try_first_pass

/etc/pam.d/common-auth:
auth required /lib/security/pam_env.so
auth sufficient /lib/security/pam_unix.so likeauth nullok
auth sufficient /lib/security/pam_winbind.so use_first_pass
auth required /lib/security/pam_deny.so

account required /lib/security/pam_unix.so broken_shadow
account sufficient /lib/security/pam_localuser.so
account sufficient /lib/security/pam_succeed_if.so uid < 100 quiet
account [default=bad success=ok user_unknown=ignore] /lib/security/pam_winbind.so
account required /lib/security/pam_permit.so

password requisite /lib/security/pam_passwdqc.so retry=3
password sufficient /lib/security/pam_unix.so nullok use_authtok md5 shadow
password sufficient /lib/security/pam_winbind.so use_authtok
password required /lib/security/pam_deny.so
session required /lib/security/pam_limits.so
session required /lib/security/pam_unix.so

auth optional /lib/security/pam_smbpass.so migrate

I'm hoping someone can help me to find a solution to thing.

That's all.

Duck2006 06-10-2008 08:14 AM

sudo passwd (user name)

darknight1726 06-11-2008 04:38 AM

A, ok thanks. However, I've encountered some problems on using sudo for domain users. Although I've inserted the domain group on visudo, system return a message, not in the sudoer file. Before this, I also have error on listing domain user / group (wbinfo -u /-g), saying error listing on domain users /groups.

Is it a prerequisite to have a successful listing of domain user /group although it's successful to connect on domain users on my ubuntu desktop? or it just a wrong contents on /etc/pam.d/sudo?

/etc/pam.d/sudo entries:
auth sufficient pam_winbind.so
auth sufficient pam_unix.so nullok_secure use_first_pass
auth required pam_deny.so
@include common-account


I hope you could help me with this. Thanks.


All times are GMT -5. The time now is 03:04 PM.