Critical: Check kerberos authenticated DNS update after restore

ucs-4-4

#1

From my previous thread of a upgrade gone bad I have decided it was quicker and easier to start over and restore from a backup and followed Cool Solution - Single Server Backup and Restore and was successful with no errors during the restore process.

I performed a system diagnostic on the new DC Master and I get the error:
Critical: Check kerberos authenticated DNS update (on DC Master)

Errors occured while running `kinit` or `nsupdate`.
`kinit` for principal ad$ with password file /etc/machine.secret failed.

From the thread Critical: Check kerberos authenticated DNS update (on DC Master) I checked with:

kinit --password-file=/etc/machine.secret $(hostname)\$
klist

The output is:

# kinit --password-file=/etc/machine.secret $(hostname)\$
kinit: Password incorrect
# klist
klist: No ticket file: /tmp/krb5cc_0

And for some system info:

# univention-app info
UCS: 4.4-0 errata137
Installed: google-apps=2.3 pkgdb=11.0 prometheus-node-exporter=1.1 radius=5.0 samba4=4.10 4.3/admin-dashboard=1.2 4.3/prometheus=1.1
Upgradable: 

Where do I go from here? I know @Moritz_Bunkus has worked on threads related to this.


#2

I had this same issue before some days. I’ve solved it by triggering a machine password change on the affected system:


#3

Thanks, that worked like a charm.