Bug 31898 - Password change in UMC may fail for certain client environments
Password change in UMC may fail for certain client environments
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: UMC - User settings
UCS 3.1
Other Linux
: P5 normal (vote)
: UCS 3.1-1-errata
Assigned To: Dirk Wiesenthal
Florian Best
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2013-07-05 10:57 CEST by Dirk Ahrnke
Modified: 2013-07-29 13:53 CEST (History)
5 users (show)

See Also:
What kind of report is it?: ---
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Dirk Ahrnke 2013-07-05 10:57:12 CEST
Environment:
Server: UCS 3.1-1
Client: Windows 7 64 Bit (used here: Ultimate Edition)

steps to reproduce:
enable "Change password on next login" for a certain account (options enabled: Samba, Kerberos, personal information, Posix, Mail)
udm-self should be enabled
logon in UMC and try to change the password

results:
In IE9 (9.0.8112.16421) the password changes fails with "The system does not allow changing the password. The reason could not be determined. In case it helps, the raw error message will be displayed: Authentication failed."

In FF22 the change may not be possible as the the browser will not present the dialog, instead the GUI loops
Comment 1 Dirk Ahrnke 2013-07-05 11:00:09 CEST
The behaviour was reported in http://forum.univention.de/viewtopic.php?f=48&t=2740.

Note: I could reproduce the Loop in FF22 only once. In this case the "unsupported media type" shown in the screenshot http://forum.univention.de/download/file.php?id=255&mode=view appeared too.
Comment 2 Dirk Wiesenthal univentionstaff 2013-07-10 17:14:09 CEST
Should be fixed in
  univention-management-console-frontend 2.0.244-18.658.201307101548
and
  univention-management-console-frontend 3.0.15-1.659.201307101604

YAML: 2013-07-10-univention-management-console-frontend.yaml
Changelog updated

Fixed a problem with IE sending the wrong username. This happens when tools.status('username') is set, but not to the username one uses to change the expired password. E.g. if last username was Administrator (and one logged out) and now one tries to login as ExpiredUser (but password is expired), the "change password form" had the username prefilled with the old username Administrator, not the new one ExpiredUser. Thus the expired password from ExpiredUser is used to authenticate Administrator and this fails.

Also fixes the standby Animation to stop immediately. If login.html is not loaded fast enough a function threw an (unimportant) error causing the part where the standby animation was stopped never to be reached.
Comment 3 Florian Best univentionstaff 2013-07-12 10:55:13 CEST
The fix is OK and does not send the old username anymore.

YAML: Ok
SVN: Ok
Changelog: Ok
Comment 4 Moritz Muehlenhoff univentionstaff 2013-07-29 13:53:12 CEST
http://errata.univention.de/ucs/3.1/158.html