Problem: Shares and AD-Connector are not working anymore

Problem:

Shares access and AD-Connector are not working anymore.
AD-Membermode. ( Member in Microsoft AD)

Investigation:

After more than one failed server-password-changes, the machine.secret could not be rotated in AD.

root@ucs:~# wbinfo -t
checking the trust secret for domain SCHEIN via RPC calls failed
wbcCheckTrustCredentials(SCHEIN): error code was NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND (0xc0000233)
failed to call wbcCheckTrustCredentials: WBC_ERR_AUTH_ERROR
Could not check secret

Solution:

Try to find the still working password in
/etc/machine.secret.old
and test it with
kinit ucs$kinit <hostname>$

If you find the working password, then you can reset the password with the actual machine.secret.
kpasswd ucs$kpasswd <hostname>$
type the olf working machine.secret and than set the new machine.secret (cat /etc/machine.secret;echo)