cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Why does a DC still tries to use an old gMSA that is no longer is configured in the portal?

aaaaaaaanonymous
Copper Contributor

‎Jun 15 2021 10:20 PM

‎Jun 15 2021 10:20 PM

Why does a DC still tries to use an old gMSA that is no longer is configured in the portal?

Why does a DC still tries to use an old gMSA that is no longer is configured in the portal?

I initially use account GMSA2 and configure it the portal, a Sensor was installed..now I have added GMSA1 to the portal and remove GMSA2 from the portal.

It appears the DCs are using GMSA1 now and connected fine to the portal but they do still gives the error about GMSA2.  It has been a few weeks passed and still the DC keeps coming up with error "An attempt to fetch the password of a group managed service account failed" for GMSA2.

Is GMSA2 cached or something? How do I stop this error from occuring?

668 Views
1 Like
4 Replies
Reply
4 Replies
Eli Ofek

‎Jun 16 2021 03:22 AM

‎Jun 16 2021 03:22 AM

Re: Why does a DC still tries to use an old gMSA that is no longer is configured in the portal?

The credentials are cached only for a few minutes...
Did you make sure to delete the old credentials from the portal? they do not appear there any more ?
If you stop both sensor services on the machine, does the old credentials stopped being used (to make sure it's actually the sensor that is using them and not something else...)
0 Likes
Reply
aaaaaaaanonymous

‎Jun 16 2021 04:05 AM

‎Jun 16 2021 04:05 AM

Re: Why does a DC still tries to use an old gMSA that is no longer is configured in the portal?

Yep..remove from portal, delete from Active Directory.
Perhaps I need to stop the sensor or restart it and see.
0 Likes
Reply
Eli Ofek

‎Jun 16 2021 05:47 AM

‎Jun 16 2021 05:47 AM

Re: Why does a DC still tries to use an old gMSA that is no longer is configured in the portal?

There should not be a need to restart the sensor for it to refresh, but I would simply stop it for a few hours to see if authentications stop at that time. if they are not, it's not MDI related.
IS this sensor reported healthy in the portal ?
0 Likes
Reply
aaaaaaaanonymous

‎Jul 04 2021 10:16 PM

‎Jul 04 2021 10:16 PM

Re: Why does a DC still tries to use an old gMSA that is no longer is configured in the portal?

Hi
Just to close this off. It was just an open Heatlh Alert that never was closed. Once manually closed it is all good.
0 Likes
Reply