we had a problem with the running horde container on a domain master twice in the last few weeks. Users were not able to login and after some digging we realized that the machine password is not correctly reflected to /etc/horde/horde/conf.d/10-ucs.php after a machine password change. We have to manually run ucr commit /etc/horde/horde/conf.d/10-ucs.php in this case.
How should the change be triggered usually? Machine password changes seem to work correctly on a second domain backup server.