winbind 和 passwd 问题

winbind 和 passwd 问题

我成功配置了 Ubuntu 15.10 Workstation 以针对 Active Directory 进行身份验证。到目前为止唯一剩下的就是更改 Active Directory 密码的能力。当我passwd以登录 Active Directory 用户的身份输入命令时,我看到以下内容:

情况1:

aduser@xenomorph:~$ passwd
Changing password for aduser
(current) NT password: 
passwd: Permission denied
passwd: password unchanged

案例 2:

aduser@xenomorph:~$ passwd aduser
Changing password for aduser
(current) NT password: 
passwd: Permission denied
passwd: password unchanged

案例三:

aduser@xenomorph:~$ passwd DOMAIN\\aduser
Changing password for DOMAIN\aduser
(current) NT password: 
passwd: Permission denied
passwd: password unchanged

在这三种情况下我都会收到以下日志(用户名发生变化但错误相同):

Nov 19 12:58:59 xenomorph passwd[5691]: pam_unix(passwd:chauthtok): user "aduser" does not exist in /etc/passwd
Nov 19 12:58:59 xenomorph passwd[5691]: pam_winbind(passwd:chauthtok): getting password (0x0000002a)
Nov 19 12:59:03 xenomorph passwd[5691]: pam_winbind(passwd:chauthtok): user 'aduser' granted access
Nov 19 12:59:03 xenomorph passwd[5691]: pam_unix(passwd:chauthtok): user "aduser" does not exist in /etc/passwd
Nov 19 12:59:03 xenomorph passwd[5691]: pam_winbind(passwd:chauthtok): getting password (0x00000012)

我的pam.d文件:common-password看起来像这样(为了更好的可读性我删除了所有注释):

password [success=2 default=ignore] pam_unix.so obscure use_authtok try_first_pass sha512
password [success=1 default=ignore] pam_winbind.so use_authtok try_first_pass
password requisite pam_deny.so
password required pam_permit.so
password optional pam_gnome_keyring.so 

我不知道如何解决这个问题。有什么想法吗?

相关内容