Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Connect » PAM authenticated user cannot change its password

Messages: 2
Karma: 0
Send a private message to this user

we've got a serious problem concerning changing a password with PAM and LDAP as userdata backend. We are using Novell SLES 9 SP 2 and Kerio Mailserver 6.1.2 and as mentioned everything works great except changing a password. Doing this on the linux prompt with 'passwd' works well, too.

A similar problem should be fixed since KMS v6.1.1 (form changelog: "- User with Linux PAM authentication could not change his password") but now with v6.1.2 there is no way for a user to change its own password.

As mentioned authentication works great with Webmail, Kerio Outlook Connector and on the linux prompt. But changing a user's password with the Webmail interface results in the following error message:
"New password is invalid"

The server logs the following in /var/log/messages:
Dec 16 16:14:52 linux mailserver: pam_ldap: error trying to bind as user "uid=<username>,ou=<org_unit>,dc=<ourdomain>,dc=<com> " (Invalid credentials)
Dec 16 16:14:52 linux last message repeated 2 times
Dec 16 16:14:52 linux mailserver: pam_ldap: error getting old authentication token (No module specific data is present)

In mailserver's warning-log says:
[16/Dec/2005 16:14:52] PAM failed setting new password for user <username> with Authentication failure

Quite strange is the behaviour when trying to set the new user password to its old. If you access the password-change-interface and provide the old password three times (in the fields: old pw, new pw, confirm new pw) a success message is returned and (of course) nothing is changed...

Does anyone has an idea what is going wrong?
Previous Topic: Entourage 2004 SP2 (11.2.1) Speed Increase
Next Topic: Re: Kerio Forums
Goto Forum:

Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Sat Nov 18 07:14:13 CET 2017

Total time taken to generate the page: 0.00335 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.