Q&A: How can I change the machine password from my ucs master?

Knowledge Base Community
, , ,
#1

Question:

How can I change the machine password from may ucs master. For example if you get
ldap_bind: Invalid credentials (49)
from a ldapsearch command.

Answer:

You can try the server-password change routine:

But in some cases this does not work anymore, if the password ist already wrong and the ldapaccess with the old machine.secret does not work, anymore you have to set the password manually.
You can use an old one, they are saved in /etc/machine.secret.old
or set a new one:

echo $(date +%y%m%d%H%M)': '$(cat /etc/machine.secret) >> /etc/machine.secret.old
NEWPW=$( pwgen -s 20 1 )
udm computers/domaincontroller_master modify --dn $(ucr get ldap/hostdn) \
  --set password=$NEWPW
echo -n $NEWPW > /etc/machine.secret
unset NEWPW
3 Likes
Problem: ldap bind invalid credentials - because ldap.secret
Automatic password_change of machine.secret fails on primary node
Server password change on DC master fails reproducible
Univention-ldapsearch : Invalid credentials (49)
#2
Mastodon