Noticed on UCS@school slaves with samba4 connector: if the slave had changed its machine password (machine.secret) the s4connector seems to use the old machine.secret for writes in OpenLDAP on the dc master. All write requests are rejected with "invalid credentials". After a restart of the s4 connector, these problems disappear and the connector tries to catch up the failed objects.
Also seen here: 2013090921002054
Fixed. This is only relevant if you are using the s4 connector on a slaves, like in UCS@school. Fix 3.1: r44378 + r44386 YAML 3.1: r44388 Fix 3.2: r44379 Changelog 3.2: r44382
OK - errata3.1-1 OK - YAML OK - ucs3.2-1 OK - Changelog
http://errata.univention.de/ucs/3.1/188.html