On 11/16/2012 10:00 AM, Carlos Velasco wrote:
windows popup in Cisco VPN client, but the change password process fails: ntlm_auth said: Password-Change: No Password-Change-Error: Wrong Password . .
Hmm.
Winbind logs also shows: NT_STATUS_WRONG_PASSWORD
Looking into code I suppose the problem is something with the old NT hash, but not an expert here. Any help would be apreciated.
In these logs the user is "NIMASTELECOM\testpw". The current password is "y58R41ut8W" (expired). And the new password used was "H6eEWu7r65tw38ert1".
There *might* be a bug in the CPW code, but I can't really see how; it tested fine when I wrote it, and the crypto/hash/blob stuff doesn't really leave room for "only if CONDITION X do something invalid". I'll take a look a little bit later but in the meantime can you confirm that if you clear the "must change password", auth works fine with the old/current password?