Our UCS 5.0-6 errata908 is member server in AD on Windows Server 2019 (PDC). Both are VM running on Windows Hyper-V Server 2019.

Yesterday I created a new user in AD but it was not replicated to the UCS. So I started to investigate and came to the following issue in /var/log/univention/connector-ad-status.log

 ---     retry in 30 seconds      ---
Wed Feb  7 19:11:37 2024
Wed Feb  7 19:11:37 2024
 --- connect failed, failure was: ---
Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/univention/connector/ad/main.py", line 247, in main
  File "/usr/lib/python3/dist-packages/univention/connector/ad/main.py", line 119, in connect
  File "/usr/lib/python3/dist-packages/univention/connector/ad/__init__.py", line 543, in init_ldap_connections
  File "/usr/lib/python3/dist-packages/univention/connector/ad/__init__.py", line 700, in open_ad
  File "/usr/lib/python3/dist-packages/univention/connector/ad/__init__.py", line 677, in get_kerberos_ticket
    raise kerberosAuthenticationFailed('The following command failed: "%s" (%s): %s' % (' '.join(cmd_block), p1.returncode, stdout.decode('UTF-8', 'replace')))
univention.connector.ad.kerberosAuthenticationFailed: The following command failed: "kinit --no-addresses --password-file=/tmp/tmplsrvkxco ucs-srv01$" (1): kinit: Password incorrect

After some research I came to this

Problem: Shares and AD-Connector are not working anymore

and after resetting the password in machine.secret the new user appears in UCS Users

But after restarting the server I run into serious problems concerning LDAP and from now on no user was able to login to UCS Portal again as described in


So I had to roll back the server to the last checkpoint created on the Hyper-V Server before trying to fix that issue with the password in machine.secret.

I’am a bit helpless where to start troubleshooting and how to solve the problem. Therefore I’d appreciate any help from this forum.

Thank you