When using the Unix Application to manage Target Accounts, you may need to make changes on the Script Processor tab to enable PAM to manage accounts on a Unix system. The first of these is the Unix Variant; AIX, Generic, HPUX, Linux, Solaris, or Other. Changing this will change the values of some of the fields listed below.
The most common change will be the Regular Expressions for the various prompts. This will be necessary when the prompts on the system in question does not match the defaults set for the selected Unix Variant. You can check if this is needed by setting the Tomcat Log Level = Info, on the Config --> Diagnostics page and trying to update a password. You can then download the Tomcat log and look for "Does not match". You can easily see the string PAM expects and what it received. You can also go through the password change process manually on the target system. You don't need to change the password. Just stop after you see all the prompts. You can change the Regular Expressions from the defaults, seen under each field, to match your actual prompts.
Sometimes you might see "Does not contain", after PAM sends a status check. This can be found as an echo command, with two strings of digits with -$?- in between. Check the timestamps and you may be able to see that a timeout occurred. When this happens you can change the Script Timeout value on the Script Processor page.
Making these changes should enable you to resolve most such issues. If you are still not able to get the password update to work please open a ticket. Make sure you provide the Tomcat Log, using the steps described above.