The property Primary group is required


#1

Hello,
I am trying to reset password for domain controller master because of the following error:

====

root@mail:/var/log# univention-ldapsearch -b “$(ucr get ldap/hostdn)” -w $(cat /etc/machine.secret) cn=$(hostname -s) cn
ldap_bind: Invalid credentials (49)

====

      To do so I am running the following command with its corresponding error

=====
root@mail:/var/log# udm computers/domaincontroller_master modify --dn $(ucr get ldap/hostdn ) --set password=$(cat /etc/machine.secret )
Value is required: The property Primary group is required

       Tried to circumvent the problem with the following  command ;  but output is the same

====
root@mail:/var/log# udm computers/domaincontroller_master modify --dn $(ucr get ldap/hostdn ) --set password=$(cat /etc/machine.secret ) --set primaryGroup=“cn=DC BackupHosts,cn=groups,$(ucr get ldap/base)” --append groups=“cn=DC BackupHosts,cn=groups,$(ucr get ldap/base)”

Value is required: The property Primary group is required

=====

       Comments or ideas highly appreciated,

Rolando Riley


Failed to load License - Invalid credentials
#2

According to this bug entry (only in German, sorry) the error message might be misleading. It may indicate that the object you’re trying to bind with (the computer account) is indeed not present in the LDAP directory anymore.

Please verify that the computer account is still present. In order to circumvent having to authenticate with the LDAP you can use »slapcat | grep ‘^dn: cn=’« replacing with the machine’s name (without the domain part).

If it is missing then you’ll have to restore the object from an automated LDAP backup, I’m afraid.