Univention Bugzilla – Bug 36778
member-mode fails if Administrator account (well known RID) has different password in AD
Last modified: 2015-01-29 11:43:11 CET
very similar to #36776
The adminstrative account is renamend in AD. To avoid Bug #36776, I renamed it in UCS also. But as long as the passwords are different, this still does not work as the join script uses the "old" UCS password for the administrative account, while the "new" AD password is already needed.
In UCS 3.2-4 it fails in line 277:
univention-directory-manager computers/$server_role modify "$@" --dn "$ldap_hostdn" --append-option samba --set password="$(cat /etc/machine.secret)" || die
Failure is "authentication error: Authentication failed"
Created attachment 6432 [details]
logfile: login and password for RID 500 changed in AD
Attachement is a logfile where both name and password of the administrative account (RID500) differ from UCS (in AD it has been renamed to "sysad").
Should be fixed along with Bug 36776.
Tests were successful. I made different joins with renamed Administrator accounts and new Domain Admins.