Question:
How can I change the machine password from may ucs master. For example if you get
ldap_bind: Invalid credentials (49)
from a ldapsearch command.
Answer:
You can try the server-password change routine:
But in some cases this does not work anymore, if the password ist already wrong and the ldapaccess with the old machine.secret does not work, anymore you have to set the password manually.
You can use an old one, they are saved in /etc/machine.secret.old
or set a new one:
echo $(date +%y%m%d%H%M)': '$(cat /etc/machine.secret) >> /etc/machine.secret.old
NEWPW=$( pwgen -s 20 1 )
udm computers/domaincontroller_master modify --dn $(ucr get ldap/hostdn) \
--set password=$NEWPW
echo -n $NEWPW > /etc/machine.secret
unset NEWPW