--- __init__.py.orig	2017-05-17 12:02:28.000000000 +0200
+++ __init__.py	2017-09-19 09:14:18.387304069 +0200
@@ -39,6 +39,7 @@
 from functools import wraps
 from ldap.filter import filter_format
 import pylibmc
+import subprocess
 
 from univention.lib.i18n import Translation
 from univention.lib.umc import Client, HTTPError, ConnectionError, Unauthorized
@@ -455,9 +456,30 @@
 			MODULE.error("set_contact_data(): {}".format(traceback.format_exc()))
 			raise
 
+	def admember_set_password(self, username, password):
+		ldb_url = ucr.get('connector/ad/ldap/host')
+		reset_username = ucr.get('ad/reset/username')
+		reset_password_file = ucr.get('ad/reset/password')
+		reset_password = open(reset_password_file).readline().strip()
+		cmd = ['samba-tool', 'user', 'setpassword', '--username', reset_username, '--password', reset_password, '--filter', filter_format('samaccountname=%s', (username,)), '--newpassword', password, '-H', 'ldap://%s' % ldb_url]
+		process = subprocess.Popen(cmd, stdin=subprocess.PIPE, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+		cmd_out, cmd_err = process.communicate()
+
+		if cmd_out:
+			MODULE.process("STDOUT of {}: {}".format(cmd_out))
+		if cmd_err:
+			MODULE.process("STDERR of {}: {}".format(cmd_err))
+
+		if process.returncode:
+			MODULE.error("admember_set_password(): failed to set password. Return code: %s" % (process.returncode,))
+			return False
+		return True
+
 	def udm_set_password(self, username, password):
+		user = self.get_udm_user(username=username, admin=True)
+		if 'synced' in user.get('objectFlag') and ucr.is_true('ad/member'):
+			return self.admember_set_password(username, password)
 		try:
-			user = self.get_udm_user(username=username, admin=True)
 			user["password"] = password
 			user["pwdChangeNextLogin"] = 0
 			user.modify()