Univention Bugzilla – Full Text Bug Listing |
Summary: | Self-Service: Password change not possible if pwdChangeNextLogin=1 | ||
---|---|---|---|
Product: | UCS | Reporter: | Michael Grandjean <grandjean> |
Component: | Self Service | Assignee: | Florian Best <best> |
Status: | CLOSED FIXED | QA Contact: | Stefan Gohmann <gohmann> |
Severity: | normal | ||
Priority: | P5 | CC: | gohmann, hahn, markus.daehlmann, schwardt, troeder |
Version: | UCS 4.2 | ||
Target Milestone: | UCS 4.2-3-errata | ||
Hardware: | Other | ||
OS: | other | ||
What kind of report is it?: | Bug Report | What type of bug is this?: | 5: Major Usability: Impairs usability in key scenarios |
Who will be affected by this bug?: | 3: Will affect average number of installed domains | How will those affected feel about the bug?: | 4: A User would return the product |
User Pain: | 0.343 | Enterprise Customer affected?: | |
School Customer affected?: | Yes | ISV affected?: | |
Waiting Support: | Flags outvoted (downgraded) after PO Review: | ||
Ticket number: | 2018011021000433 | Bug group (optional): | |
Max CVSS v3 score: | |||
Bug Depends on: | 44111 | ||
Bug Blocks: | 46010 |
Description
Michael Grandjean
2017-12-04 11:39:09 CET
Happend again: https://help.univention.com/t/self-service-password-change-for-user-with-expired-password-doesnt-work/7476 I was able to reproduce it in a Samba 4 default environment: 27.05.17 01:58:09.798 RESOURCES ( INFO ) : Reloading UCR variables 27.05.17 01:58:09.816 AUTH ( INFO ) : Trying to authenticate user 'stefan' 27.05.17 01:58:09.827 LDAP ( INFO ) : establishing new connection with retry_max=11 27.05.17 01:58:09.839 LDAP ( INFO ) : bind binddn=cn=master421,cn=dc,cn=computers,dc=deadlock42,dc=intranet 27.05.17 01:58:09.848 LDAP ( INFO ) : uldap.search filter=(&(uid=stefan)(objectClass=person)) base= scope=sub attr=['uid'] unique=1 required=0 timeout=-1 sizelimit=0 27.05.17 01:58:09.849 AUTH ( INFO ) : Canonicalized username: 'stefan' 27.05.17 01:58:09.887 AUTH ( INFO ) : PAM says: 'Sie m\xc3\xbcssen Ihr Passwort sofort \xc3\xa4ndern (Passwortablauf).' 27.05.17 01:58:09.888 AUTH ( ERROR ) : PAM: authentication error: ('Authentifizierungstoken ist nicht mehr g\xc3\xbcltig; neues erforderlich', 12) 27.05.17 01:58:09.888 AUTH ( INFO ) : The password has expired and must be renewed. 27.05.17 01:58:09.916 MODULE ( INFO ) : Executing 'AUTH' 27.05.17 01:58:09.917 MAIN ( INFO ) : Setting locale 'de_DE' 27.05.17 01:58:09.917 MODULE ( INFO ) : Executing 'AUTH' 27.05.17 01:58:09.917 MAIN ( INFO ) : Setting locale 'de_DE' Can you have a look? It was introduced by Bug #44111 by Alex in commit 3daf763caea7bec6732df221496944f3914885e3 / svn r78459. The error is only frontend side. The error handler of the frontend did not respect an expired password. This has been implemented. UCS 4.2-3: univention-self-service.yaml 5b38b6e8b86b | Bug #45813: fix changing password if pwdChangeNextLogin=1 univention-self-service (2.0.17-15) 5b38b6e8b86b | Bug #45813: fix changing password if pwdChangeNextLogin=1 ac1a89996cfc | Bug #45813: fix changing password if pwdChangeNextLogin=1 UCS 4.3-0: univention-self-service (3.0.0-3) 6144390d61cd | Bug #45813: fix changing password if pwdChangeNextLogin=1 Thanks! Tests: OK - pwdChangeNextLogin=1: OK - pwdChangeNextLogin=0: OK - pwdChangeNextLogin=0 and logged in: OK Code review: OK YAML: OK I have to reopen it. I don't see the dialog that the password has been changed: Bug #45457 (In reply to Stefan Gohmann from comment #7) > I have to reopen it. I don't see the dialog that the password has been > changed: Bug #45457 Bug #45457 was about the other module "Password forgotten". Nevertheless I added the same dialog to this module as well. https://git.knut.univention.de/univention/ucs/commit/418b1e1f1567eed6bface215c88efde8e89d2947 Merged also to UCS 4.3. That makes sense. Thanks! Directly after changing the password, the old password input field is marked as invalid. I've created a new bug for it: Bug #46051 I've updated the YAML file: https://git.knut.univention.de/univention/ucs/commit/d7b7d5912de36297de12b48657273b231742a0d2 |