winbind和passwd问题
我成功配置了一个Ubuntu 15.10工作站来对Active Directory进行身份validation。 到目前为止唯一剩下的就是能够更改Active Directory密码。 当我输入命令passwd
记录在Active Directory用户中我看到以下内容:
情况1:
aduser@xenomorph:~$ passwd Changing password for aduser (current) NT password: passwd: Permission denied passwd: password unchanged
案例2:
aduser@xenomorph:~$ passwd aduser Changing password for aduser (current) NT password: passwd: Permission denied passwd: password unchanged
案例3:
aduser@xenomorph:~$ passwd DOMAIN\\aduser Changing password for DOMAIN\aduser (current) NT password: passwd: Permission denied passwd: password unchanged
在所有三种情况下,我都会收到以下日志(用户名更改但错误相同):
Nov 19 12:58:59 xenomorph passwd[5691]: pam_unix(passwd:chauthtok): user "aduser" does not exist in /etc/passwd Nov 19 12:58:59 xenomorph passwd[5691]: pam_winbind(passwd:chauthtok): getting password (0x0000002a) Nov 19 12:59:03 xenomorph passwd[5691]: pam_winbind(passwd:chauthtok): user 'aduser' granted access Nov 19 12:59:03 xenomorph passwd[5691]: pam_unix(passwd:chauthtok): user "aduser" does not exist in /etc/passwd Nov 19 12:59:03 xenomorph passwd[5691]: pam_winbind(passwd:chauthtok): getting password (0x00000012)
我的pam.d
文件: common-password
看起来像这样(为了更好的可读性,我删除了所有注释):
password [success=2 default=ignore] pam_unix.so obscure use_authtok try_first_pass sha512 password [success=1 default=ignore] pam_winbind.so use_authtok try_first_pass password requisite pam_deny.so password required pam_permit.so password optional pam_gnome_keyring.so
我没有任何线索如何解决这个问题。 有任何想法吗?