I assume that by "log in to the server" you mean you're using an LDAP client and are trying to query the LDAP server on the DC Slave.
What you need to be aware of is that a UCS machine actually runs up to two LDAP servers. The one that's always running is the OpenLDAP server where UCS stores its users, groups, configuration etc.
The other one that may or may not run is the one provided by the Samba 4 software. An Active Directory server/controller requires LDAP for its functionality. This LDAP has a similiar structure to the OpenLDAP one, but there are many important differences; therefore there have to be two LDAP servers in such a case (with a separate program synchronizing content in both ways; that program's called the Univention Samba4 Connector).
Why is this important? Well, the Samba component is actually optional and doesn't have to be installed, but if it is installed it has to run on the default LDAP port 389. Therefore the OpenLDAP server, the one that's always present, always runs on the non-standard port 7389. So it's quite possible that you don't have an LDAP server running on port 389 if you don't use Samba on your DC Slave.
There are some more differences, especially regarding the authentication. Both server types contain the same user accounts with the same passwords, but they accept slightly different syntaxes:
- For the OpenLDAP server on port 7389 you must use a full DN as the user name, e.g. "uid=cbonnie,cn=users,dc=mbu-test,dc=intranet".
- With the Samba4 LDAP on port 389 you can use either the DNs (but note that they're slightly different! in my case: "cn=cbonnie,cn=users,dc=mbu-test,dc=intranet"), the Kerberos principal ("email@example.com") or even the old domain login syntax ("mbu-test\cbonnie").
If you're unsure whether or not you're running Samba4 on your DC Slave you can check if it's installed ("dpkg -l | grep univention-samba4"). If you need the actual DNs for the OpenLDAP server try running "univention-ldapsearch uid=REPLACE-WITH-YOUR-LOGIN-NAME dn".