Intro #
From a RELIANOID ADC system, there is a situation where the password of an user couldn’t be changed. The logs system shows something like:
Jul 27 11:57:23 relianoid10-lb enterprise.bin[80915]: (INFO) webgui :: STATUS: 200 REQUEST: GET /zapi/v4.0/zapi.cgi/system/users Jul 27 11:57:35 relianoid10-lb dhclient[527]: XMT: Solicit on eth0, interval 113070ms. Jul 27 11:57:38 relianoid10-lb enterprise.bin[80988]: (INFO) api :: POST DATA: {"password":"*******","newpassword":"*******"} Jul 27 11:57:38 relianoid10-lb enterprise.bin[80988]: (INFO) rbac :: Request from johndoe to POST /system/users. Action allowed Jul 27 11:57:38 relianoid10-lb enterprise.bin[80988]: (ERROR) Error trying to change the johndoe password Jul 27 11:57:38 relianoid10-lb enterprise.bin[80988]: (ERROR) webgui :: Modify the user johndoe: Changing the password in the RBAC user johndoe. Jul 27 11:57:38 relianoid10-lb enterprise.bin[80988]: (INFO) webgui :: STATUS: 400 REQUEST: POST /zapi/v4.0/zapi.cgi/system/users Jul 27 11:57:38 relianoid10-lb enterprise.bin[80988]: (INFO) webgui :: Changing the password in the RBAC user johndoe.
If PAM authentication modules are enabled in a Linux System to apply some security and hardened user management, if some manual manipulation is done in /etc/passwd, /etc/shadow or /etc/group files, there is a weird but possible situation that some inconsistencies are found in the user creation procedure.
johndoe@noid-ee-01:/$ passwd johndoe passwd: Authentication token manipulation error passwd: password unchanged
This error doesn’t allow to change the password to a system user from the Linux command line. To address this issue you can try several things, see below.
Try the command pwconv #
If you execute this command from the administrator user, the files /etc/passwd and /etc/shadow are regenerated. Please, consider to make a backup to those files before applying this command.
root@noid-ee-01:/$ pwconv
If the pwconv command doesn’t work, please try the next one.
Try the command pam-auth-update #
PAM is a set of modules for authentication to a linux system. This command reconfigures the central authentication policy for the PAM system in the Linux server using the pre-defined profiles.
root@noid-ee-01:/$ pam-auth-update
If the pam-auth-update doesn’t work, then apply the next one.
Try a system reboot #
Probably, a failure with the filesystem mount could be found, so please try as the last option to fix this problem.