Forum Discussion
manuelll1310
May 11, 2021Copper Contributor
Defender ATP doesnt remove old service account when switched te new account
Good day all, Last week i wanted to setup a gmsa account instead of a user account for ATP Defender for identity service. I had a test account which i later changed to the new one. The new gMS...
EliOfek
Microsoft
May 11, 2021Close the alert, if it says closed it's OK, if it reopens let me know.
We close the alert if we see the credentials fixed, but in this case you removed it while they were in error, so we are not reporting it fixed to auto close this.
We close the alert if we see the credentials fixed, but in this case you removed it while they were in error, so we are not reporting it fixed to auto close this.
- manuell665May 11, 2021Copper ContributorThanks for your quick reply! unfortunatly the alert immediatly re-opens when i close the alert.
- EliOfekMay 11, 2021
Microsoft
this account is no longer in the credentials list in the MDI portal ? can you make sure?
are all sensors currently reporting healthy ?
is it possible not all sensors can pull the gmsa's password for the new credentials ?- manuelll1310May 11, 2021Copper Contributor
Correct. All sensors installed and confirmed as "running" ands report healthy. The current account is working.
I did a test just to switched to a non-existing account and switch back to the current working account.
And now two accounts reports credential failures, even though they are not existing and not selected as account.
I can also confirm that all dc's are in the gmsa group for receiving password.