1 2 Previous Next 16 Replies Latest reply on Dec 2, 2015 10:00 AM by Steffen Kreis

    Automation Principal not working from all AppServers ?!

    Steffen Kreis



      we are running BSA 8.6.1. Due to the migration of the AppServers from Window to Linux we are currently running a mixed mode of the environment. Meaning we have Windows based AppServers and Linux based AppServers online at the same time.


      We noticed a very obscure but critical issue today. For all the Domain Controllers that we manage we use a dedicated Automation Principal (AP) to execute actions on a DC target.


      The issue is that from the Windows based AppServers the AP works fine against the DCA targets and can login successfully:

      From the Target RSCD log:

      12/01/15 13:17:47.492 9420 principal@domain.com:PasswordLogon (BLAdmins:steffen@DOMAIN.COM): CM: > [Client] Retrieving services


      As soon as i connect against the same target from a Linux AppServers we get and "No authorization to access host" in the Console the following entries in the RSCD Log of the target:

      12/01/15 13:13:52.223 17064 SYSTEM (BLAdmins:steffen@DOMAIN.COM): CM: Failed to change to alternate user

      SV123456 12/01/15 13:13:55.624 15564 SYSTEM (Not_available): (Not_available): authenticate_user failed ; Error Location: RSCD_WinUser::logonPassword:LsaLogonUser() ; Error Message: Logon failure: unknown user name or bad password. ; Auxiliary Error Message: principal@domain.com


      When we try that to often the account is locked !


      The Windows Event-Log clearly indicates that the wrong password was used for the logon.


      Please note, for all the other 8.000 Windows servers that we manage, we use another Automation Principal and this one works fine from all AppServers.

      It is just that one used for DC's that produces the problems.


      Has anybody experienced something similar before ?



        1 2 Previous Next