This is on OpenSuSe 10.2 regardless if this is run by root or user. This was tried across multiple machines with the same results.
Logged In: NO
Sorry forgot to mention this is with Usermin 1280 and I just tried Usermin 1260 with the same results. Gut feeling is this will be a OpenSuSe specific issue.
Logged In: YES
So which Usermin module were you using to do the password - was it 'Change Password', or is it the dialog that appears at login time when your password has expired?
I am using the change password module with PAM. I have run it both as root and the user. I have not tried expiring my password and loging in as of yet.
Does anything appear in /var/log/secure or /var/log/authlog when you try the password change? Usually PAM will log something explaining what went wrong..
In /var/log/warn I get (Invalid Credentials) I should mention on this box I am using PAM to authenticate against LDAP. On the other box I tested it locally so.... Anyway I have typed my password and copied and pasted to ensure this was not a repeated Typo :D
If you are using LDAP, make sure that both /etc/pam.d/usermin and /etc/pam.d/passwd are setup to talk to the LDAP server, with pam_ldap.so lines.
By the way, can you change the password at the command line with the 'passwd' command?
Yes both services have LDAP added to both PAM files and yes I can change the password with passwd.
One work-around then would be to have the module use the 'passwd' command instead of PAM.
This can be done by editing /etc/usermin/changepass/config , and changing the passwd_cmd line to read :
The passwd command should still call PAM, if it is working properly. If configuring Usermin to use it works, that will narrow down the problem somewhat..
I am still working on this. The passwd command still fails. Though I can login to usermin it appears this is failing when it checks the user password. I am now certain this is a configuration issue since I can replicate on Ubuntu as well. I will keep on banging my head against this brick wall :D
Ok, if the passwd command fails too then it looks to be a more lower-level problem ..
Let me know if you this ends up being definitively a Usermin bug though.
Logged In: YES
I just didn't see this bug report before reporting my problem.
Please have a look at Bug 1746036 ( ChangePass PAM does not work with pam_ldap),
maybe the solution provided there also helps here.