Access Manager provides web-based access to local admin (LAPS) passwords, BitLocker recovery keys, and just-in-time administrative access to Windows computers in a modern, secure, and user-friendly way.
[HELP] Lithnet group managed service account stops functioning after 30 days #191
I believe when the managed service account cycled its passwords, the service stops authenticating with my DC. The base scripts and automatic SQL Express installation were used, with the only customization being the account name changed to svc.lithnet.
2022-11-25 15:16:34.3856|ERROR|00-7c2add3cd044118f5a2c0684d6700419-9c797d727b0ed18e-00|192.168.1.254||Microsoft.AspNetCore.Diagnostics.ExceptionHandlerMiddleware|An unhandled exception has occurred while executing the request.
System.Security.Authentication.AuthenticationException: The user name or password is incorrect.
---> System.Runtime.InteropServices.COMException (0x8007052E): The user name or password is incorrect.
at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail)
at System.DirectoryServices.DirectoryEntry.Bind()
at System.DirectoryServices.DirectoryEntry.get_AdsObject()
at System.DirectoryServices.PropertyValueCollection.PopulateList()
at System.DirectoryServices.PropertyValueCollection..ctor(DirectoryEntry entry, String propertyName)
at System.DirectoryServices.PropertyCollection.get_Item(String propertyName)
at System.DirectoryServices.ActiveDirectory.PropertyManager.GetPropertyValue(DirectoryContext context, DirectoryEntry directoryEntry, String propertyName)
--- End of inner exception stack trace ---
at System.DirectoryServices.ActiveDirectory.PropertyManager.GetPropertyValue(DirectoryContext context, DirectoryEntry directoryEntry, String propertyName)
at System.DirectoryServices.ActiveDirectory.Domain.GetDomain(DirectoryContext context)
at System.DirectoryServices.ActiveDirectory.Domain.GetComputerDomain()
at Lithnet.AccessManager.ActiveDirectory.DiscoveryServices.FindDcAndExecuteWithRetry[T](Func`2 action) in D:\dev\git\lithnet\access-manager\src\Lithnet.AccessManager\Lithnet.AccessManager.ActiveDirectory\Providers\DiscoveryServices.cs:line 44
at Lithnet.AccessManager.ActiveDirectory.ActiveDirectoryProvider.GetDirectoryEntry(String nameToFind, DsNameFormat nameFormat) in D:\dev\git\lithnet\access-manager\src\Lithnet.AccessManager\Lithnet.AccessManager.ActiveDirectory\Providers\ActiveDirectoryProvider.cs:line 691
at Lithnet.AccessManager.ActiveDirectory.ActiveDirectoryProvider.GetDirectoryEntry(SecurityIdentifier nameToFind) in D:\dev\git\lithnet\access-manager\src\Lithnet.AccessManager\Lithnet.AccessManager.ActiveDirectory\Providers\ActiveDirectoryProvider.cs:line 706
at Lithnet.AccessManager.ActiveDirectory.ActiveDirectoryProvider.FindUserInGc(String objectName) in D:\dev\git\lithnet\access-manager\src\Lithnet.AccessManager\Lithnet.AccessManager.ActiveDirectory\Providers\ActiveDirectoryProvider.cs:line 519
at Lithnet.AccessManager.ActiveDirectory.ActiveDirectoryProvider.GetUser(String name) in D:\dev\git\lithnet\access-manager\src\Lithnet.AccessManager\Lithnet.AccessManager.ActiveDirectory\Providers\ActiveDirectoryProvider.cs:line 54
at Lithnet.AccessManager.WebApp.Authentication.AuthenticatedUserProvider.GetLoggedInUser(ClaimsPrincipal principal) in D:\dev\git\lithnet\access-manager\src\Lithnet.AccessManager\Lithnet.AccessManager.WebApp\Authentication\AuthenticatedUserProvider.cs:line 37
at Lithnet.AccessManager.WebApp.Authentication.WindowsAccountNameClaimProvider.TransformAsync(ClaimsPrincipal principal) in D:\dev\git\lithnet\access-manager\src\Lithnet.AccessManager\Lithnet.AccessManager.WebApp\Authentication\WindowsAccountNameClaimProvider.cs:line 23
at Microsoft.AspNetCore.Authentication.AuthenticationService.AuthenticateAsync(HttpContext context, String scheme)
at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
at Microsoft.AspNetCore.ResponseCaching.ResponseCachingMiddleware.Invoke(HttpContext httpContext)
at Microsoft.AspNetCore.Diagnostics.ExceptionHandlerMiddleware.g__Awaited|6_0(ExceptionHandlerMiddleware middleware, HttpContext context, Task task)