On a Red Hat Enterprise Linux 6 system, why are LDAP/sssd users not able to reset their password?
Issue
- A user is having trouble resetting their password. The following errors are logged in /var/log/secure:
Dec 19 14:32:00 ncc11645 sshd[30943]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=c001288974.p3fpd.na.cat.com user=gawartm
Dec 19 14:32:00 ncc11645 sshd[30943]: pam_sss(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=c001288974.p3fpd.na.cat.com user=gawartm
Dec 19 14:32:00 ncc11645 sshd[30943]: pam_sss(sshd:auth): received for user gawartm: 12 (Authentication token is no longer valid; new one required)
Dec 19 14:32:00 ncc11645 sshd[30943]: pam_sss(sshd:account): User info message: Password expired. Change your password now.
Dec 19 14:32:00 ncc11645 sshd[30943]: Accepted password for gawartm from 10.229.6.181 port 51125 ssh2
Dec 19 14:32:00 ncc11645 sshd[30943]: pam_unix(sshd:session): session opened for user gawartm by (uid=0)
Dec 19 14:32:00 ncc11645 sshd[30943]: User child is on pid 31031
Dec 19 14:32:05 ncc11645 passwd: pam_unix(passwd:chauthtok): user "gawartm" does not exist in /etc/passwd
Dec 19 14:32:11 ncc11645 passwd: pam_sss(passwd:chauthtok): Authentication failed for user gawartm: 7 (Authentication failure)
Dec 19 14:32:12 ncc11645 sshd[31031]: Connection closed by 10.229.6.181
Dec 19 14:32:12 ncc11645 sshd[31031]: Transferred: sent 3824, received 2176 bytes
Dec 19 14:32:12 ncc11645 sshd[31031]: Closing connection to 10.229.6.181 port 51125
Dec 19 14:32:12 ncc11645 sshd[30943]: pam_unix(sshd:session): session closed for user gawartm
- This Red Hat Enterprise Linux 6 system is configured as an LDAP client using sssd.
- Red Hat Directory Server 9 is the LDAP server.
Environment
- Red Hat Enterprise Linux 6.4
- sssd-1.9.2-82.10.el6_4.x86_64