Oct 13 2016 02:04 AM - edited Oct 13 2016 02:05 AM
After installing May 2016 Cumulative Update (Project Server KB3115024) my Search service application stopped crawling content with error "Item was not crawled because of a password change".
My Default content access account is OK. I have changed it several times in search administration page.
Password is ok.
Web application policies for this account are correctly configured for read access.
After starting full crawl process I receive also this event log warning:
The start address http://xxx
Context: Application 'Search_Service_Application', Catalog 'Portal_Content'
Details: Logon failure: unknown user name or bad password. (0x8007052e)
In security Event log:
Audit failure: An account failed to log on.
Account For Which Logon Failed:
Security ID: NULL SID
Account Name: SearchAccAcnt
Account Domain: mydomain
Failure Information:
Failure Reason: Unknown user name or bad password.
Status: 0xC000006D
Sub Status: 0xC000006A
This (Status: 0xC000006A) means that account is ok but password is bad.
As I said password for this account is ok.
After checking search app DB I've found that password for this account is stored in clear text:
MSSConfiguration table:
GUID\Gathering Manager\DefaultAccount => mydomain\SearchAccAcnt
GUID\Gathering Manager\DefaultAccountSecret => {guid2}
GUID\Gathering Manager\Secrets\{guid2} => my-password-in-clear-text
But in my sps-2010 farm password is encoded in this record:
GUID\Gathering Manager\Secrets\{guid} => 0x568FC1....
I think while impersonating search account sharepoint tries to decode stored password but result is bad because it is stored in clear text. Which cause logon failed error.
What happened in my system?
Why sharepoint started saving this password in a clear text?
Can anybody check the same table in SearchAppDB?
do you have also encoded password for search acount or not?
Dec 07 2016 03:45 PM - edited Dec 07 2016 03:47 PM
We have the same problem in our (upgraded from SP2010) search admin db.
In our Acceptance envrinment there's a System.Byte value in the field, in Production the password in in plain text. In Production crawling doesn't work. We tried updating the value using powershell.
Have you found a solution for the problem?