Problem: SelfService Password Change - with Errorcode 20

Knowledge Base Community
, , , ,
#1

We fixed a bug where it was impossible to change passwords via the UMC due to the UMC server not closing file descriptors properly. Please check if an update might fix the problem.

Note: This article specifically caters to setups that do not have Samba4 installed!

Problem

Error changing password
Changing password failed. The reason could not be determined. In case it helps, the raw error message will be displayed: Unable to reach any changepw server  in realm SCHEIN.IG Errorcode 20: The new password could not be set

Fehler bei Passwortänderung
Passwort ändern fehlgeschlagen. Der Grund konnte nicht festgestellt werden. Für den Fall, dass es hilft, hier die originale Fehlernachricht: Unable to reach any changepw server  in realm SCHEIN.IG Errorcode 20: Das neue Passwort konnte nicht gesetzt werden

Environment

Ucs@school central server Master and Slave.
Both without samb4 installed.
So heimdahl is doining kerberos services

Investigation

root@master:~$ kpasswd cscheini
cscheini@SCHEIN.IG's Password:
New password for cscheini@SCHEIN.IG:
Verify password - New password for cscheini@SCHEIN.IG:
kpasswd: krb5_set_password_using_ccache: **Unable to reach any changepw server  in realm** SCHEIN.IG

Solution

Restart the heimdal service on the master:

root@master:~# systemctl restart heimdal-kdc
root@master:~#

Both services need to run

/usr/lib/heimdal-servers/kdc --config-file=/etc/heimdal-kdc/kdc.conf
/usr/lib/heimdal-servers/kpasswdd

ps aufx|grep heim
root     11036  0.0  0.0  14316   980 pts/0    S+   12:00   0:00          \_ grep heim
root     16665  0.0  0.1  68256  5644 ?        S    11:26   0:00 /usr/lib/heimdal-servers/kdc --config-file=/etc/heimdal-kdc/kdc.conf
root     16675  0.0  0.2 172428 10408 ?        S    11:26   0:00  \_ /usr/lib/heimdal-servers/kdc --config-file=/etc/heimdal-kdc/kdc.conf
root     16687  0.0  0.2 172428 10408 ?        S    11:26   0:00  \_ /usr/lib/heimdal-servers/kdc --config-file=/etc/heimdal-kdc/kdc.conf
root     16688  0.0  0.0  68256   688 ?        S    11:26   0:00  \_ /usr/lib/heimdal-servers/kdc --config-file=/etc/heimdal-kdc/kdc.conf
root     16689  0.0  0.2 172428 10408 ?        S    11:26   0:00  \_ /usr/lib/heimdal-servers/kdc --config-file=/etc/heimdal-kdc/kdc.conf
root     16668  0.0  2.4 630276 100232 ?       S    11:26   0:00 /usr/lib/heimdal-servers/kpasswdd
2 Likes
Mastodon