An External Administrator Store is configured for Admin UI using client's Active Directory.

When a change is needed to the password for the service account that is used to bind to AD for authentication to take place, if the password is changed in AD first and not be able to login to Admin UI to change the password for the service account there.

Release: 12.8.x AdminUI 

You can set the user and password to make the directory connection externally, Update External Administrator Store Credentials.

Update directory manager credentials with the smjndisetup utility.

(NOTE: The smjndisetup utility can only update connection details that were configured using the Administrative UI. You cannot use the smjndisetup utility to create the connection credentials.)

Follow these steps: 

1. Log in to the Administrative UI host system.

2. Navigate to <admin_ui_home>\bin.

   (NOTE: <admini_ui_home> specifies the Administrative UI installation path)

3. Run the following command:

Windows

smjndisetup.bat --reset-password

Linux

smjndisetup.sh --reset-password

4. Do one of the following tasks:

• Type the new directory user and press Enter.
• Press Enter to accept the default user name.

5. Type the new password and press Enter.

6. Type Y and press Enter.

   The utility restarts the Administrative UI service. The utility also updates the new directory connection details.

https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-identity-and-access-management/single-sign-on/12-8/configuring/policy-server-configuration/administrators/configure-an-external-administrator-store.html