#1 2016-03-22 16:55:45

trann
Member
Registered: 2009-10-29
Posts: 32

Winbind: Logged in active directory user cannot use passwd

So I have had my Arch system up for a few months now, and I just now ran into the expiration of my AD password. When I log in via a tty, I get the following error:

passwd: User not known to the underlying authentication module
passwd: password unchanged

After passwd is run, I then check the output of journalctl -n 10:

passwd[pid#]: pam_unix(passwd:chauthtok): user "my.name" does not exist in /etc/passwd

Here is what my /etc/pam.d/system-auth looks like:

#%PAM-1.0

auth      required    pam_env.so
auth      sufficient  pam_unix.so try_first_pass nullok
auth      required    pam_winbind.so krb5_auth krb5_ccache_type=FILE cached_login try_first_pass
auth      optional    pam_permit.so

account   sufficient  pam_unix.so
account   sufficient  pam_winbind.so try_first_pass
account   optional    pam_permit.so
account   required    pam_time.so

password  sufficient  pam_krb5.so
password  sufficient  pam_cracklib.so nullok retry=3
password  sufficient  pam_unix.so sha512 shadow
password  sufficient  pam_winbind.so try_first_pass
password  optional    pam_permit.so

session   required    pam_mkhomedir.so skel=/etc/skel/ umask=0022
session   sufficient  pam_unix.so
session   sufficient  pam_winbind.so try_first_pass
session   required    pam_limits.so
session   required    pam_env.so
session   optional    pam_permit.so
session   optional    pam_umask.so
session   optional    pam_systemd.so

Everything else related to Winbind and AD connectivity is working perfectly fine. The system is showing as connected to the domain listed in smb.conf, wbinfo works for both users and groups, and net ads testjoin works fine. I can literally do any other activity related to the connected domain I need to do EXCEPT for using passwd. Any ideas?

Thank you!
