From my previous thread of a upgrade gone bad I have decided it was quicker and easier to start over and restore from a backup and followed Cool Solution - Single Server Backup and Restore and was successful with no errors during the restore process.
I performed a system diagnostic on the new DC Master and I get the error:
Critical: Check kerberos authenticated DNS update (on DC Master)
Errors occured while running `kinit` or `nsupdate`.
`kinit` for principal ad$ with password file /etc/machine.secret failed.
From the thread Critical: Check kerberos authenticated DNS update (on DC Master) I checked with:
kinit --password-file=/etc/machine.secret $(hostname)\$
klist
The output is:
# kinit --password-file=/etc/machine.secret $(hostname)\$
kinit: Password incorrect
# klist
klist: No ticket file: /tmp/krb5cc_0
And for some system info:
# univention-app info
UCS: 4.4-0 errata137
Installed: google-apps=2.3 pkgdb=11.0 prometheus-node-exporter=1.1 radius=5.0 samba4=4.10 4.3/admin-dashboard=1.2 4.3/prometheus=1.1
Upgradable:
Where do I go from here? I know @Moritz_Bunkus has worked on threads related to this.
SirTux
2
I had this same issue before some days. I’ve solved it by triggering a machine password change on the affected system:
sccmrb
3
Thanks, that worked like a charm.
Hello,
I am trying to trigger the script and I can’t run it. Can you explain how you run it?
sccmrb
5
If you look in the linked article in just copy/paste this into your shell.
/usr/lib/univention-server/server_password_change
that would not do anything (you have to read the linked article to the end !!!)
youo first have to set the password change interval
ucr set server/password/interval=-1
then
/usr/lib/univention-server/server_password_change
and after that reset the interval to the default :
ucr set server/password/interval=21
rg
Christian
1 Like