Ubuntu
likewise-open package

0xb5affb40:Failed to change password of user (name = 'save') -> error = 31

Bug #1046275 reported by Satskiy Anton
28
This bug affects 5 people
Affects Status Importance Assigned to Milestone
likewise-open (Ubuntu)
Confirmed
Undecided
Unassigned

Bug Description

likewise-open:
  Установлен: 6.1.0.406-0ubuntu5
  Кандидат: 6.1.0.406-0ubuntu5
  Таблица версий:
 *** 6.1.0.406-0ubuntu5 0
        500 http://ua.archive.ubuntu.com/ubuntu/ precise/main i386 Packages
        100 /var/lib/dpkg/status

Description: Ubuntu 12.04.1 LTS
Release: 12.04
After i creater test user="save" i wish that he need to change his password after first login.
After entering pwd of this user wellcome screen says that i need to type current pwd and than 2 times the new one.
i can't change password in AD through welcome screen

Sep 5 14:18:53 user-system-product-name lsassd[1027]: 0xab0ecb40:Failed to authenticate user (name = 'save') -> error = 40024, symbol = LW_ERROR_PASSWORD_EXPIRED, client pid = 11111
Sep 5 14:18:53 user-system-product-name lsassd[1027]: 0xab8edb40:Failed to validate user for login (name = 'save') -> error = 40024, symbol = LW_ERROR_PASSWORD_EXPIRED, client pid = 11111
Sep 5 14:18:53 user-system-product-name lightdm: [module:pam_lsass]pam_sm_acct_mgmt failed [login:save][error code:40024]
Sep 5 14:18:53 user-system-product-name lsassd[1027]: 0xab8edb40:Failed to validate user for login (name = 'save') -> error = 40024, symbol = LW_ERROR_PASSWORD_EXPIRED, client pid = 11111
Sep 5 14:18:53 user-system-product-name lightdm: [module:pam_lsass]pam_sm_acct_mgmt failed [login:save][error code:40024]
Sep 5 14:20:16 user-system-product-name lsassd[1027]: 0xb5affb40:Failed to authenticate user (name = 'save') -> error = 40024, symbol = LW_ERROR_PASSWORD_EXPIRED, client pid = 11111
Sep 5 14:20:16 user-system-product-name lightdm: [module:pam_lsass]LsaPamCheckCurrentPassword failed [login:save][error code: 40024]
Sep 5 14:20:23 user-system-product-name lsassd[1027]: 0xb5affb40:Failed to change password of user (name = 'save') -> error = 31, symbol = ERROR_GEN_FAILURE, client pid = 11111
Sep 5 14:20:23 user-system-product-name lightdm: [module:pam_lsass]LsaPamUpdatePassword failed [login:save][error code: 31]
Sep 5 14:20:23 user-system-product-name lightdm: [module:pam_lsass]pam_sm_chauthtok failed [error code: 31]
^C
root@user-system-product-name:/home/user# LsaPamUpdatePassword failed [login:save][error code: 31

See original description
Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in likewise-open (Ubuntu):
status: New → Confirmed
Revision history for this message
Falco van Dooremolen (falcovd-p) wrote :

Running ubuntu 11.10

my auth.log:
Oct 18 15:18:54 sysid1300791205 su[5382]: Successful su for DOMAIN.COM\USERNAME by root
Oct 18 15:18:54 sysid1300791205 su[5382]: + /dev/pts/0 root:DOMAIN.COM\USERNAME
Oct 18 15:18:54 sysid1300791205 su[5382]: pam_unix(su:session): session opened for user DOMAIN.COM\USERNAME by me(uid=0)
Oct 18 15:19:03 sysid1300791205 passwd[5440]: pam_unix(passwd:chauthtok): user "DOMAIN.COM\USERNAME" does not exist in /etc/passwd
Oct 18 15:19:10 sysid1300791205 passwd[5440]: [module:pam_lsass]LsaPamCheckCurrentPassword failed [login:DOMAIN.COM\USERNAME][error code: 40024]
Oct 18 15:19:10 sysid1300791205 passwd[5440]: pam_unix(passwd:chauthtok): user "DOMAIN.COM\USERNAME" does not exist in /etc/passwd
Oct 18 15:19:19 sysid1300791205 passwd[5440]: [module:pam_lsass]LsaPamUpdatePassword failed [login:DOMAIN.COM\USERNAME][error code: 31]
Oct 18 15:19:19 sysid1300791205 passwd[5440]: [module:pam_lsass]pam_sm_chauthtok failed [error code: 31]
Oct 18 15:22:21 sysid1300791205 su[5382]: pam_unix(su:session): session closed for user DOMAIN.COM\USERNAME

Revision history for this message
Constantin Comarniceanu (comarc) wrote :

No AD user is able any more to change expired password in GUI or console.

Revision history for this message
Alex (stevanovic-aleksandar) wrote :

Same goes over here, since I was not able to change domain user password upon setting User must change password at next logon.

This pose a big problem, since we plan to do large scale migration in corporation with more than 100+ workstations, but with Microsoft domain AD kept.

description: updated
Revision history for this message
JorSol (jorsol) wrote :

I have the same problem:

Jan 3 08:51:22 desktop lsassd[1263]: 0x7f00357fa700:Failed to change password of user (name = 'myuser') -> error = 31, symbol = ERROR_GEN_FAILURE, client pid = 4962
Jan 3 08:51:22 desktop lightdm: [module:pam_lsass]LsaPamUpdatePassword failed [login:myuser][error code: 31]
Jan 3 08:51:22 desktop lightdm: [module:pam_lsass]pam_sm_chauthtok failed [error code: 31]

Using likewise-open 6.1.0.406-0ubuntu5.1 on Ubuntu 12.04.3

Revision history for this message
Михаил (masuhanov) wrote :

I have the same problem too.
When to expect a decision?

Revision history for this message
Constantin Comarniceanu (comarc) wrote :

I do not know if it is relevant but changing AD password using LDAP is not any more posible when the user password has expired, because it tries to bind with the expired username and fails. You must use kerberos instead.

Revision history for this message
Tom Chiverton (bugs-launchpad-net-falkensweb) wrote :

This still happens nine months later.

How can it be 'undecided'; how many other people are getting locked out of their machines because they went on holiday ?

Luckily I had a backup local account with sudo access so I could still work while I found a spare Windows machine I could log in on. Not a very good advert is it ?

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.