Reset password don't work


Today one of my Nethserver user cant connect to his email, trying to reset the password … the reset seems not working

trying to create a new email to redirect the mail… the new user password simply won’t work…

trying to change password from ADUC, simply don’t work… I mean, I can create new user from that but… password issue still remain… so I cannot connect to the new account email…

any idea?

there is a way to manage user for the AD form terminal?

Hi @trogloraspa
Can you give a bit more info on your situation?
What account provider do you use?
What client does the user use? (outlook, thunderbird, SOGo, Roundcube, Webtop)
Do you have other services that are used with the same account? If so, are those working for the user?
Any relevant entries in the logs?

Hi @robb sorry I was typing while panicked :sweat_smile:

I have a Nethserver with 4.9.18 Samba DC
using roundcube , simply refuse the login, using webtop it give access but right after says cannot connect to mail
no other services to that specific user

which log could be relevant ? from cockpit if I try to reset password still cannot login.

Hi @trogloraspa,

You may have an problem with the account provider or the mail-server.

I am amusing other users do not have problems… right?

To check if there is really a problem with the password of this user,
you may (if you have not done this already) enable the user-setting page in System -> settings:

then try to log in at as the user with the problem, you should see this:

If this succeeds it probably is not a AD related password problem.

Thanks for reply.

User Setting page is on, and used when someone needs to change the password. When an user of my AD forget the password I usually set a temp password and then let them connect there to change at their will.

this is not the case, because I cannot change the password like I’ve always done before.

Can you confirm the user with the problem cannot login to the user-settings page?

he cant connect there. and another user just sent me:

oke, are the sevices nsdc and sssd running?

look in System -> Services

or on the command line:

systemctl status sssd

systemctl status nsdc

if not try to start them

Did you try to (re)start nsdc? systemctl start nsdc

systemctl start nsdc 

worked and now nsdc status is ok BUT done same check for sssd got:

also after systemctl restart sssd


is “ad_gpo_access_control enforcing mode” the issue?

Do not know what that is, so can not tell you.

The first problem: nsdc failed to start because
Failed to add new veth interfaces..: File exists
is reported more times over the years :

and should be fixed…

logs from sssd_nss reports:

(2021-06-23 8:51:31): [nss] [sss_dp_get_reply] (0x0010): The Data Provider returned an error [org.freedesktop.sssd.Error.DataProvider.Offline]

and ldap_child.log :
(2021-06-23 15:04:52): [ldap_child[20646]] [ldap_child_get_tgt_sync] (0x0010): Failed to init credentials: Preauthentication failed

Still looks like nsdc is not running, can you check again?

If nsdc is not running can post the result of:
ip link | grep vb

is running:

This is as far as I can help you :cry:
Do not know why sssd is failing after nsdc is up and running;
my last resort would be not very linuxy : reboot…

cc// @support_team (and @davidep )

well I rebooted already… but no luck

It seems nsdc and sssd services are running.

Maybe with some more info someone else can lend a hand:

config show sssd
config show nsdc
account-provider-test dump
cat /etc/krb5.conf
klist -t -k /etc/krb5.keytab

Similar service error report but I’ve no access to red hat: