New users are not authenticated (and are not knows to univention server)

Hi everyone.
I have a UCS server with 2 microsoft domain controller (Windows 2012R2)
all user are replicated on UCS but new users are not.
If I had a new user he/she can not log in UCS server application like nexcloud onlyoffice or whatever. I can not see it in “user” menu.
however the user is availlable with AD and external app, like NAS or email service.
just not in univention.

system diagnostics report a critical problem with kerberos:
CRITICAL: Check kerberos authenticated DNS updates
errors occured while running ‘kinit’ or nsupdate

root@ucs-srv-ad:~# lsb_release -a
No LSB modules are available.
Distributor ID: Univention
Description: Univention Corporate Server 4.4-3 errata443 (Blumenthal)
Release: 4.4-3 errata443
Codename: Blumenthal

root@ucs-srv-ad:~# ucr get server/role
domaincontroller_master

If I do a “getent passwd” with an old user I get his profile, but with a new user I got no response.

don’t know what to do by now, hope to ear from you,
regards.

this problem is still current.
I can uninstall and reinstall “Active Directory connection” so profile keep in sync but new profile still doesn’t replicate.
The “start Active Directory connection service” seem to not works…
any idea ? any troubleshoot method ?

@dominix it is sad to read that even over a year nobody even tried to help you; I’m new with UCS and that don’t give me hope.
Do you still enjoy UCS or you regret your choice ?

I don’t know, but generally I check my error messages ?

hi every one. And thanks for trying to help me. I don’t know what is wrong, because I have no errors in my logs, the AD seems to works correctly but the univention web interface still reports an errors. It may be a false positive, but still it annoy me … SO I do not plan to use Univention as my only authentication method. a this time its stay a secondary or a cache I don’t knows exactly how everythings is related to each other.