Forum Discussion
ATP sensors in DCs failed to start - Failed to retrieve group managed service account password.
Info RemoteImpersonationManager CreateImpersonatorInternalAsync started [UserName=xxxx$ Domain=xxxx IsGroupManagedServiceAccount=True]
Info RemoteImpersonationManager GetGroupManagedServiceAccountTokenAsync finished [UserName=xxxx$ Domain=xxxx IsSuccess=False]
Info RemoteImpersonationManager CreateImpersonatorInternalAsync finished [UserName=xxxx$ Domain=xxxx]
Warn DirectoryServicesClient CreateLdapConnectionAsync failed to retrieve group managed service account password. [DomainControllerDnsName=xxxx.xxxx Domain=xxxx UserName=xxxx$ ]
Have tried: restart DCs, no health issue in MDI admin portal, Permission has checked gDSA has confirmed in the security group
1 Reply
- Hi Jason,
I hope this info can help you to resolve the issue: https://learn.microsoft.com/en-us/defender-for-identity/troubleshooting-known-issues#sensor-failed-to-retrieve-group-managed-service-account-gmsa-credentials
