[HELP] Lithnet group managed service account stops functioning after 30 days

[damienmemko]

I believe when the managed service account cycled its passwords the service stops authenticating with my DC. The base scripts and automatic sql express installation were used with the only customization being the account name changed to svc.lithnet

2022-11-25 15:16:34.3856|ERROR|00-7c2add3cd044118f5a2c0684d6700419-9c797d727b0ed18e-00|192.168.1.254||Microsoft.AspNetCore.Diagnostics.ExceptionHandlerMiddleware|An unhandled exception has occurred while executing the request. System.Security.Authentication.AuthenticationException: The user name or password is incorrect. ---> System.Runtime.InteropServices.COMException (0x8007052E): The user name or password is incorrect. at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail) at System.DirectoryServices.DirectoryEntry.Bind() at System.DirectoryServices.DirectoryEntry.get_AdsObject() at System.DirectoryServices.PropertyValueCollection.PopulateList() at System.DirectoryServices.PropertyValueCollection..ctor(DirectoryEntry entry, String propertyName) at System.DirectoryServices.PropertyCollection.get_Item(String propertyName) at System.DirectoryServices.ActiveDirectory.PropertyManager.GetPropertyValue(DirectoryContext context, DirectoryEntry directoryEntry, String propertyName) --- End of inner exception stack trace --- at System.DirectoryServices.ActiveDirectory.PropertyManager.GetPropertyValue(DirectoryContext context, DirectoryEntry directoryEntry, String propertyName) at System.DirectoryServices.ActiveDirectory.Domain.GetDomain(DirectoryContext context) at System.DirectoryServices.ActiveDirectory.Domain.GetComputerDomain() at Lithnet.AccessManager.ActiveDirectory.DiscoveryServices.FindDcAndExecuteWithRetry[T](Func`2 action) in D:\dev\git\lithnet\access-manager\src\Lithnet.AccessManager\Lithnet.AccessManager.ActiveDirectory\Providers\DiscoveryServices.cs:line 44 at Lithnet.AccessManager.ActiveDirectory.ActiveDirectoryProvider.GetDirectoryEntry(String nameToFind, DsNameFormat nameFormat) in D:\dev\git\lithnet\access-manager\src\Lithnet.AccessManager\Lithnet.AccessManager.ActiveDirectory\Providers\ActiveDirectoryProvider.cs:line 691 at Lithnet.AccessManager.ActiveDirectory.ActiveDirectoryProvider.GetDirectoryEntry(SecurityIdentifier nameToFind) in D:\dev\git\lithnet\access-manager\src\Lithnet.AccessManager\Lithnet.AccessManager.ActiveDirectory\Providers\ActiveDirectoryProvider.cs:line 706 at Lithnet.AccessManager.ActiveDirectory.ActiveDirectoryProvider.FindUserInGc(String objectName) in D:\dev\git\lithnet\access-manager\src\Lithnet.AccessManager\Lithnet.AccessManager.ActiveDirectory\Providers\ActiveDirectoryProvider.cs:line 519 at Lithnet.AccessManager.ActiveDirectory.ActiveDirectoryProvider.GetUser(String name) in D:\dev\git\lithnet\access-manager\src\Lithnet.AccessManager\Lithnet.AccessManager.ActiveDirectory\Providers\ActiveDirectoryProvider.cs:line 54 at Lithnet.AccessManager.WebApp.Authentication.AuthenticatedUserProvider.GetLoggedInUser(ClaimsPrincipal principal) in D:\dev\git\lithnet\access-manager\src\Lithnet.AccessManager\Lithnet.AccessManager.WebApp\Authentication\AuthenticatedUserProvider.cs:line 37 at Lithnet.AccessManager.WebApp.Authentication.WindowsAccountNameClaimProvider.TransformAsync(ClaimsPrincipal principal) in D:\dev\git\lithnet\access-manager\src\Lithnet.AccessManager\Lithnet.AccessManager.WebApp\Authentication\WindowsAccountNameClaimProvider.cs:line 23 at Microsoft.AspNetCore.Authentication.AuthenticationService.AuthenticateAsync(HttpContext context, String scheme) at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context) at Microsoft.AspNetCore.ResponseCaching.ResponseCachingMiddleware.Invoke(HttpContext httpContext) at Microsoft.AspNetCore.Diagnostics.ExceptionHandlerMiddleware.g__Awaited|6_0(ExceptionHandlerMiddleware middleware, HttpContext context, Task task)

[ryannewington]

Hi @damienmemko

You might be suffering from the issue documented in this article

https://docs.lithnet.io/ams/help-and-support/support-articles/kb000005

[damienmemko]

Beautiful mate I think that should be it!