Problem: Using udm gives an 'authentication error: Authentication failed'

Problem:

Using udm gives an ‘authentication error: Authentication failed’

~# udm list
authentication error: Authentication failed

Environment:

This happens on a slave server!

Investigation:

/var/log/univention/directory-manager-cmd.log

08.08.20 12:40:18.361 DEBUG_INIT
08.08.20 12:40:18.361 ADMIN ( INFO ) : daemon [27737] forked to background
08.08.20 12:40:18.433 ADMIN ( INFO ) : daemon [27737] new connection [27738]
08.08.20 12:40:18.434 ADMIN ( PROCESS ) : daemon [27737] [27738] Calling univention-directory-manager
08.08.20 12:40:18.434 ADMIN ( ALL ) : daemon [27737] [27738] arglist: ['/usr/sbin/udm', 'list']
08.08.20 12:40:18.441 ADMIN ( INFO ) : using cn=admin,dc=schein,dc=ig account
08.08.20 12:40:18.458 LDAP ( INFO ) : establishing new connection with retry_max=11
08.08.20 12:40:18.477 LDAP ( INFO ) : bind binddn=cn=admin,dc=schein,dc=ig
08.08.20 12:40:18.478 ADMIN ( WARN ) : authentication error: Authentication failed
08.08.20 12:40:18.479 ADMIN ( INFO ) : daemon [27737] connection closed [27738]

On a slave server the machine account is normally used for bind, but here the cn=admin account is used.

Solution:

Make sure there is no ldap.secret on the server:

~# ls -l /etc/ldap.secret
-rw-r----- 1 root DC Backup Hosts 6 Sep 12  2016 /etc/ldap.secret

If there is one, delete it. This file is not “allowed” on a slave server; while it is present, udm binds as cn=admin (as in the log above) instead of the machine account.
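
The two checks above as an added example (not part of the original article and not UCS code): it extracts from directory-manager-cmd.log the bind DNs whose bind ended in an authentication error, and tests for a secret file on a slave. The function names, the second sample log entry and reading the role from `ucr get server/role` are assumptions.

```shell
#!/bin/sh
# Added example, not from the original article.

# Constructed sample in the directory-manager-cmd.log format shown above.
# The second entry (machine-account bind that succeeds) is made up.
sample_log() {
cat <<'EOF'
08.08.20 12:40:18.458 LDAP ( INFO ) : establishing new connection with retry_max=11
08.08.20 12:40:18.477 LDAP ( INFO ) : bind binddn=cn=admin,dc=schein,dc=ig
08.08.20 12:40:18.478 ADMIN ( WARN ) : authentication error: Authentication failed
08.08.20 12:40:18.479 ADMIN ( INFO ) : daemon [27737] connection closed [27738]
08.08.20 12:41:02.101 LDAP ( INFO ) : bind binddn=cn=slave1,cn=dc,cn=computers,dc=schein,dc=ig
08.08.20 12:41:02.140 ADMIN ( INFO ) : daemon [27737] connection closed [27739]
EOF
}

# Print each bind DN whose bind was followed by an authentication error
# before the connection closed. Reads the named files, or stdin.
failed_binds() {
    awk '
        /bind binddn=/          { dn = $0; sub(/.*bind binddn=/, "", dn); next }
        /authentication error:/ { if (dn != "") print dn; dn = "" }
        /connection closed/     { dn = "" }
    ' "$@"
}

# Succeed when an admin secret file exists on a host that should not have one.
# $1 = server role (assumption: taken from `ucr get server/role` on UCS)
# $2 = path to check, normally /etc/ldap.secret
stray_secret() {
    [ "$1" = "domaincontroller_slave" ] && [ -e "$2" ]
}

# Demo on the constructed sample; prints cn=admin,dc=schein,dc=ig
sample_log | failed_binds
```

On the affected server, run `failed_binds /var/log/univention/directory-manager-cmd.log` and `stray_secret "$(ucr get server/role)" /etc/ldap.secret`; a cn=admin DN from the first together with success from the second matches the situation described here.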
