IPA Problems

Hi THis morning I was asked to reset the user password of one of our IPA/LDAP user accounts.

After I reset the password I tried to logon to a particular ssh machine .

The system asked to cheange the password as expeceted.

I entered the NEw Password and the Re enter the the new password after this the system answered with:

passwd: Authentication token manipulation error

So in order to test this situation I created a new account and I had the same problem with the new account.

I try also to reset another user password and I got the same problem.

It seems that I'm not be able to reset anybody user password.

Any ideas????

From the krb5kdc.log

I get : Nov 19 14:35:31 ldap.webdom.lifesci.ucla.edu krb5kdc[1610](info): AS_REQ (4 etypes {18 17 16 23}) 164.67.110.65: PREAUTH_FAILED: taccount@myserver.com for kadmin/changepw@myserver.com, Decrypt integrity check failed

from the /var/lib/dirsrv/slapd-server.com/errors file I get:

ipapwd_setPasswordHistory - [file ipapwd_common.c, line 926]: failed to generate new password history!
[19/Nov/2012:14:35:40 -0800] managed-entries-plugin - mep_mod_post_op: Unable to find config for origin entry "uid=taccount,cn=users,cn=accounts,dc=myserver,dc=com".

Any idea on what's going on?

Thank you

Marcello