Hi,
As mentioned in the subject, we use PAM to automatically manage a domain account. The system is supposed to rotate the password every 12 hours, but for the past couple of days we’ve been getting the attached error:
From the PAM side, there are no active tasks associated with that account. Would it be possible to force a password reset via a rotation, just to prevent this from happening again in the future?
Of course, if we manually reset it from AD, it works fine.
Hi Giacomo,
This is a known issue that the Privilege Secure team is actively investigating. Once we have a resolution, we will release a hotfix. Can you please open a support ticket so this can be tracked? You’ll be alerted when the fix is available.
- Dan
Hello Dan,
Thank you, ticket 00457230 has already been opened.
However, is there a temporary solution available? Currently, it appears there are four active sessions that do not exist, yet at this moment, there is only one active session on the entire PAM, and it is mine.
Giacomo,
I have spoken to our Support team, and they will be in touch with more information.
- Dan
Hi Dan,
When I run the script provided, at the end it prompts me to enter the credential highlighted in the screen, but I don’t have access to it:
Also, when I check the file located at C:\ProgramData\Stealthbits\PAM\HA\appsettings.json, I see the PostgresUser is set to repuser, but the password is encrypted.
How should I proceed? We’re still stuck, and if I rerun the script, it still detects the previous session as active
Thanks,
Giacomo.
Hi Giacomo,
Thanks for sharing the update here. Since you’ve already opened a support ticket and they’ve provided a script to try, the best path forward is to continue working directly with the support team. They have access to your environment details and can troubleshoot more deeply than we’re able to in the community.
Hi Derek,
ok!
Thanks,
Giacomo.
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.
