Forum Discussion
Medium Alert Read-only user password to expire shortly on GMSA
Hi Azure ATP Team,
my Azure ATP is configured runs with a Group Managed Service Account to read the ADDS. Why ATP Alert my abount "Read-only user password to expire shortly" by a GMSA?
Kind Regards
Steve
The fact that we even alert on gmsa accounts is a bug, you don't have anything to do in that regards...
There is no question about it..
I asked because I am trying to figure out why it pops in your case and not in others.
by default, when you define the gmsa account, it's password expiry policy is 1 month, but you can change it. my question was if you changed it to something lower than 1 month...
- Gerson LevitzIron Contributor
Hi jazzer
Are you still seeing the health alert on the gMSA?
Are the sensors still working?
Thanks
Gershon [MSFT]
- jazzerCopper Contributor
Yes the Alert is still active and the Sensors are still working. I want the system to manage the password. I don't want to have to set the gmsa to Password never expiere!
The Medium Alert is:
A health issue occurred in contoso
The password for the read-only user, contoso.com\gmsa-ATPSensor$, expires on 5/29/2020 6:58:43 AM UTC. The read-only user is used by the Sensor services to perform LDAP queries against the domain controllers in the environment. If the password expires, the system will stop functioning as expected.