New users - not able to create passwords
When new users are created, the initial password cannot be set:
[root@cd ~]# passwd newuser
Changing password for user newuser.
passwd: Authentication token manipulation error
The error in /var/log/messages:
PAM_smbpass[6570]: Failed to find entry for user newuser
This is a system I have inherited. Here is the system-auth:
auth required pam_env.so
auth requisite pam_unix.so likeauth nullok try_first_pass
auth optional pam_smbpass.so migrate
auth sufficient pam_unix.so likeauth nullok try_first_pass
auth required pam_deny.so
account required pam_unix.so
account sufficient pam_succeed_if.so uid < 100 quiet
account required pam_permit.so
password requisite pam_cracklib.so retry=3
password requisite pam_unix.so nullok use_authtok md5 shadow
password sufficient pam_smbpass.so nullok use_authtok try_first_pass
password required pam_deny.so
session required pam_limits.so
session required pam_unix.so
This is the pam.d passwd file:
auth required pam_stack.so service=system-auth
account required pam_stack.so service=system-auth
password required pam_stack.so service=system-auth
It looks like when a new user is created, a user in smbpasswd is supposed to be created but it isn't. Can someone help me fix this problem?
Responses
Hi,
Just a suggestion could you please su - as newuser first and then try to change the password ?
su - newuser
then run passwd to see if it allow you to change the password.
Frank
While I was trying to set up a restricted shell with samba password change rules in place I've found this thread ... hope it helps what my guess is.
You get a token error as I think your user is not in SAMBA. You can check via:
1. pdbedit -L | grep newuser
Here is my quick test, done as root:
1. # passwd newuser
Changing password for user newuser.
passwd: Authentication token manipulation error <<< same as yours
- # echo -e "test\ntest" | pdbedit -ta newuser << not sure how to bypass this
- # echo qwerty | passwd --stdin newuser
- # smbclient -U newuser%qwerty '\localhost\DIR' (notice the pass is the one from passwd command and I get a prompt)
If your setup still fails, perhaps a case to RH and a paste of solution will help (me included)
Just found a trick on a website: chpasswd bypasses the samba stuff.
This fails:
useradd -m user116
echo qwe123 | passwd --stdin user116
passwd: Authentication token manipulation error
but this works
echo "user116:qwe123" | chpasswd -m
Hi,
I was facing the same problem, I tried the following - echo "user116:qwe123" | chpasswd -m
It worked if my password is simple, if i have a slight complex password say qwe123! in that case my command will be - echo "user116:qwe123!" | chpasswd -m
which gives an error -
-bash: !": event not found
Could you please guide me how to proceed.
Guru
6435 points
When setting with this method, you need to avoid password strings that include reserved tokens. Reserved tokens will tend to be intercepted by the shell you're running the password set/change process under. In the case of Bash, using the "!" reserved token will result in the error seen. Either: do your scripting in a different shell/language; figure out how to escape the token; or, avoid the problematic token.