--- preup.sh-3.0-0.orig	2012-06-20 10:32:58.000000000 +0200
+++ preup.sh-3.0-0	2012-06-20 11:23:27.000000000 +0200
@@ -740,6 +740,24 @@
 fi
 echo "OK"
 
+# check for valid machine account
+eval "$(ucr shell server/role ldap/base ldap/hostdn ldap/server/name)"
+if [ -n "$server_role" -a "$server_role" != "basesystem" -a -n "$ldap_base" -a -n "$ldap_hostdn" -a -f /etc/machine.secret ]
+then
+	ldapsearch -x -D "$ldap_hostdn" -w "$(< /etc/machine.secret)" -b "$ldap_base" -s base &>/dev/null
+	if [ $? -eq 49 ]
+	then
+		echo "ERROR: An LDAP connection to $ldap_server_name with the machine account has"
+		echo "       failed (invalid credentials)!"
+		echo "       This MUST be fixed before the update can continue."
+		echo
+		echo "       This problem can be corrected by setting the content of the file"
+		echo "       /etc/machine.secret as the password of the computer object using"
+		echo "       Univention Directory Manager"
+		exit 1
+	fi
+fi
+
 # only for update to UCS 3.0-0:
 # ensure that /etc/univention/templates/files/etc/ldap/slapd.conf.d/10univention-ldap-server_schema
 # is untouched by the user otherwise the update will fail (Bug #23483)