UCS DC Member locked out of UCS-AD Domain

One thing to apologize in advance: I am a Linux newbie :slight_smile:

During migration of my outdated SBS 2011 Server (running on ProxMox as VM) I first installed another ProxMox VM (named UCS) with UCS 4.4-8 and Kopano als a member of my SBS2011 AD-Domain. The migration of my Exchange-accounts to Kopano worked without problems.

As a secondary step I now started the migration of the SBS 2011 Domain-Controller to another separate ProxMox-VM called UCS-DC. It finally worked using UCS 4.1, starting AD-Takeover, running the migrate_legacy_dns_zones and updating to Version 4.4-8. After some quirks everything seems to work. Almost everything…

But I now have the problem, that my UCS VM with Kopano seems not to connect properly with the new UCS-DC. If I create a new user using the Windows RSAT Tools, it does not synchronize with the UCS/Kopano member server. The new user does not appear in the user-list. It seems to be a problem with the AD-synchronization / changed passwords.

In the logfile “/var/log/samba/log.samba” I get repeatedly (about 2 times per minute) the entry:

[2022/03/21 10:37:55.665522, 1, pid=1728] …/…/source4/dsdb/common/util.c:5551(dsdb_update_bad_pwd_count)
Locked out user CN=ucs,OU=SBSComputers,OU=Computers,OU=MyBusiness,DC=****,DC= after 7594 wrong passwords

Help! - How can I reconnect the UCS / Kopano member server to my new UCS-DC domain?

Thank you very much in advance!