09-11-2013 12:26 PM
Sometime back I changed the VSA Password and since that time, out security team has been opening events for failed logons for the VSA. It specifically points to the ADSynchroniser.exe on the CA Server. Does anyone have some guidance on what I might have missed. CA is working fine.
thanks..
Solved! Go to Solution.
09-13-2013 04:30 AM
Scott,
Please take a look in the CA Client, Configuration tab, Account Information sub-tab. Check to see if you have the VSA specified for any domain that may be defined. It could be that someone populated one or more domains in this sub-tab and used the VSA credentials for the account to use to synchronize accounts.
If you find any domain configured in this sub-tab AND the VSA was specified as the synchronization account, you'll need to update the VSA password for that domain in this sub-tab.
FYI, if you only have one domain with which to synchronize, you should not need this sub-tab populated with anything as the VSA should already have the necessary permissions within the domain to perform the synchronization operations.
I know you said CA is working and you're not getting any errors in the event log, so this may just be an exercise in a double check of a configuration setting.
If you don't find any domain specified in this sub-tab, you can try to re-upload the reports using the current VSA credentials and see if you get any error. If you do get any error, you'll need to check the SQL Reporting Service configuration to see if the VSA credentials are specified anywhere there, and update as appropriate.
09-11-2013 02:29 PM
So you changed the password for the Accelerator services and restarted it? (just being thorough )
Are there any errors in the EV Log on the CA server?
09-11-2013 05:01 PM
I did Tony.... I also enabled (uploaded) CA Reports.... I just wonder if the password is cached somewhere?
I can't get security to leave me alone ;)
09-13-2013 04:30 AM
Scott,
Please take a look in the CA Client, Configuration tab, Account Information sub-tab. Check to see if you have the VSA specified for any domain that may be defined. It could be that someone populated one or more domains in this sub-tab and used the VSA credentials for the account to use to synchronize accounts.
If you find any domain configured in this sub-tab AND the VSA was specified as the synchronization account, you'll need to update the VSA password for that domain in this sub-tab.
FYI, if you only have one domain with which to synchronize, you should not need this sub-tab populated with anything as the VSA should already have the necessary permissions within the domain to perform the synchronization operations.
I know you said CA is working and you're not getting any errors in the event log, so this may just be an exercise in a double check of a configuration setting.
If you don't find any domain specified in this sub-tab, you can try to re-upload the reports using the current VSA credentials and see if you get any error. If you do get any error, you'll need to check the SQL Reporting Service configuration to see if the VSA credentials are specified anywhere there, and update as appropriate.
09-13-2013 08:14 AM
Kenneth, I unchecked the use specific account. I'll see where it goes from there.
I already re-uploaded the Report. If you guys don'y mind, I'm going to leave this as unsolved and wait and see if secuity opens another ticket.
TY!!
09-18-2013 11:00 AM
Ken, I removed the check from the "use specified account" checkbox and the error came back from our security group today.
Do you have anything else up you sleeve?
Thanks!!
09-18-2013 12:00 PM
Scott,
I presume the security folks are seeing these logon failures in the Security Event Log on the CA server. Would it be possible for you to post the information about one of those failed logons? Replace the domain and account name and any SID information to ensure you keep your account information internal, of course.
I have another idea, but it's rather drastic. You can uninstall CA and EV from the CA server. To do that, you would need to:
The removal and re-install using these steps should remove all traces of the VSA from the CA server, then create new entries with the new VSA password.
09-30-2013 02:50 AM
Hi,
Do you have any updates on this thread? Do you need more assistance regarding this topic?
If not then please mark the post that best solves your problem as the answer to this thread.
09-30-2013 08:43 AM
This ended up being a task that triggered these events. Since they events were logged on the DC I didn't have access to the time.
I re-entered the password for the task (even though it was already correct)
I don't know if there is a resolution, but since you want this closed, I'll close an give credit.