Community Forum

alexondi
alexondi
Offline
Resolved
0 votes
Hello!
I install latest ClearOS 5.2 and set domain for my network. And now I can change passwords for user only from webconfig. When user try change password from windows XP (or windows 7) interface they get 'you don't have rights for change password'
and in log I see error

system userpasswd: password change failed for avp: Parameter is invalid - Username

I try from console
/usr/sbin/userpasswd avp
...
and get same error

Can anybody help my with this problem?

Thank you!
Alexander
Thursday, July 29 2010, 06:02 AM
Share this post:
Responses (57)
  • Accepted Answer

    Thursday, January 26 2012, 10:49 AM - #Permalink
    Resolved
    0 votes
    Sorry I can't help with why it doesn't appear in the updates list. The Users module also is not on mine...

    The latest version is app-users-5.2.21. I'd recommend you upgrade using
    yum clean all && yum upgrade
    The reply is currently minimized Show
  • Accepted Answer

    Thursday, January 26 2012, 02:50 AM - #Permalink
    Resolved
    0 votes
    Tim,

    I have same issue trying to get passwords updated so checked the updates:

    When I use webconfig panel all my updates appear to be working and enabled. Many are at 5.2.20 and app-samba-api is 5.2.21 however I can not locate app-users at all in this list.

    Command line provides this:

    [root@gw1 ~]# rpm -q app-users
    app-users-5.2-10
    [root@gw1 ~]#

    I do not want to update from command line until I understand why it did not update automatically and why it is not listed in the Software Updates panel.

    Many thanks,

    Andy


    EDIT

    Attached output of the Modules and Software listing [file name=webconfig_dump.txt size=9633]http://www.clearfoundation.com/media/kunena/attachments/legacy/files/webconfig_dump.txt[/file]
    The reply is currently minimized Show
  • Accepted Answer

    Pat Osborn
    Pat Osborn
    Offline
    Thursday, September 15 2011, 06:14 PM - #Permalink
    Resolved
    0 votes
    Hello-

    I am experiencing the password change issue with a new install of 5.2 service pack 1 (just freshly downloaded 2 days ago)and windows xp clients. It looks like smb.conf was changed since the beginning of the thread and matches the password chat time suggested earlier in this thread. Also the version app-samba-api-5.2-21 is correct. The ClearOS install is standalone without firewall.

    I have the password policy set to minimum 5 chars (yes all attempts are more than that), modify any time, no expire, and no history for now.

    I am not having any luck finding a solution that isn't already 'in place' as this is a brand new install.

    Any thoughts would be very welcome.
    The reply is currently minimized Show
  • Accepted Answer

    John
    John
    Offline
    Friday, September 02 2011, 12:39 PM - #Permalink
    Resolved
    0 votes
    Hi all,

    This problem keeps returning and I tried several Windoze 7 related solutions without result, so for now I am giving up on this.
    The only solution that works for me is to create shortcuts with the static ip address instead of using the host name.
    It's quick and dirty, but I don't see another solution ...

    Please advice,

    John
    The reply is currently minimized Show
  • Accepted Answer

    John
    John
    Offline
    Sunday, June 26 2011, 11:25 PM - #Permalink
    Resolved
    0 votes
    Hi all,

    Without making any changes, the Windoze 7 login problem suddenly disappeared ... :blink:
    Can anyone shed some light on what could have happened, because otherwise it's just a matter of time before it returns again ... ?!?

    Please advice,

    John
    The reply is currently minimized Show
  • Accepted Answer

    John
    John
    Offline
    Monday, June 20 2011, 04:31 PM - #Permalink
    Resolved
    0 votes
    Hi all,

    I am sorry to report that the problem has returned again ... with a vengeance ... :(
    This time it's no longer a firewall issue, because when switching to "standalone without firewall", the problem persists.

    The problem only occurs on Win7 clients while no changes have been made to the setup and according to my knowledge, all required services are up and running.
    Occasionally I got an error message with something like, that there where too many connections to the server ... or something, but I didn't write it down ... :blush: ... yet
    The usual response is that I get another chance of typing the write password ... :blink: ... dohhh ...

    Can someone please advice me about this, because this reoccurring issue is starting to get the most out of me ... :angry:
    Please advice,

    John
    The reply is currently minimized Show
  • Accepted Answer

    John
    John
    Offline
    Tuesday, June 07 2011, 01:47 PM - #Permalink
    Resolved
    0 votes
    Thank you Nick,

    I added the following deviating Incoming Allow rules (not required for Windoze XP):
    137 TCP
    138 TCP
    139 UDP
    445 UDP

    Not sure why Windoze 7 suddenly requires these additional rules, but for now it solved the problem.

    Greetings,

    John

    Ps. IP tables is something I'd rather not screw around with, since one little mistake can break the whole firewall.
    The reply is currently minimized Show
  • Accepted Answer

    Saturday, June 04 2011, 03:32 PM - #Permalink
    Resolved
    0 votes
    John, I'd suggest opening both UDP and TCP for 135, 137-9 and 445 for starters and see if that fixes your problem. Alternatively add 2 firewall rules:
    iptables -A INPUT -p udp -s {your_LAN_subnet} -j LOG
    iptables -A INPUT -p tcp -s {your_LAN_subnet} -j LOG

    Then monitor /var/log/messages for all blocked packets. You can set up a separate log if you want as well by adding
    kern.5                          /var/log/firewall
    to /etc/syslog.conf then restart syslog with a "service syslog restart". You should stop logging like this when you can or set logrotate to rotate /var/log/firewall. Otherwise the log will just keep getting bigger. Firewall messages will go to both logs and /var/log/firewall will get a few other messages as well.
    The reply is currently minimized Show
  • Accepted Answer

    John
    John
    Offline
    Saturday, June 04 2011, 02:21 PM - #Permalink
    Resolved
    0 votes
    Thanks Manu,

    My problem is of a different kind.
    I have a standalone COS box with FW and discovered that, when I change it to a standalone without FW, the Win7 clients are able to login again.
    The strange thing is that I did not make any changes and that previously they where able to login ... :blink:
    Restarting the FW did not solve the problem.

    Anyway ... I use the following custom firewall rules by entering the 'Protocol', 'Source Address' 192.168.1.0/24 and the using the 'Destination Port (Range)':
    http://www.clearfoundation.com/media/kunena/attachments/legacy/images/adv_fw.jpg
    (non relevant ports have been blanked out)

    Am I missing a port or did I make a mistake somewhere ... ?!?
    I thought that I did some extensive research on properly opening the correct ports ... :blush:

    Please advice,

    John
    The reply is currently minimized Show
  • Accepted Answer

    Manu
    Manu
    Offline
    Sunday, May 29 2011, 05:36 PM - #Permalink
    Resolved
    0 votes
    Hi.

    I have the same Problem: Domain user can not change his password, client system: Windows 7. The Error-Message which i get is: The password on this account cannot be changed at this time.

    I issued the yum commands Tim Burgess provided, rebooted server and client (to be sure) but the problem persists.

    My server installation is brand new and yum update did install many updates :)
    So what's wrong? How to solve the problem?


    Regards,
    Manu


    EDIT - Solved:

    I did solve the Problem... In my case the problem was, that my initial password (set in the webinterface) was only 4 characters long (testpurposes...). But the minimal length should be 5 chars. After changing the Password in the web-interface to a longer one, the user was able to change his pw :)

    Thanks anyway, I hope my posts helps someone else.
    The reply is currently minimized Show
Your Reply