5 Cups of Ubuntu
I'm posting this to help other Ubuntu users that are joining their machines to an Active Directory network and need to change their user account password.
If you use the standard passwd command you'll get an unhelpful error.
You will need to use the kpasswd command instead.Code:$ passwd Current password: New password: Re-enter password: Password does not meet requirements passwd: Authentication token manipulation error passwd: password unchanged
5 Cups of Ubuntu
Update:
My previous post was incorrect. What I didn't realize was that the Active Directory domain's security policy only allowed one password change during a 24 hour period. It was just by coincidence that my usage of kpasswd occurred a few moments after 1 day of my previous change.
This morning I temporarily lowered the AD security policy for testing.
Using Group Policy Manager Editor (GPME)
Default Domain > Computer Configuration > Policies > Security Settings > Account Policies > Password Policy > Minimum password age = 0 days
Note: I do not recommend leaving the policy set to zero days. That could allow a rogue entity to change passwords without the true user noticing
Next I cleared the Likewise-open cache:
Then I was able to change password from either passwd or kpasswd as many times as I wanted as long as they were different and met the complexity requirements.Code:sudo service lsassd stop sudo rm -f /var/lib/likewise/db/lsass-adcache.db sudo rm -f /var/lib/likewise/db/lsass-local.db sudo service lsassd start
Adv Reply
Bookmarks