Hi everyone,
I’m using SMP 7.1 SP2 on windows 2008 R2. I’m getting disconnected from the SMP console sometimes and see the below errors in the Altiris log view. The domain appid account gets locked out. Domain policy is set for 5 minutes so after that everything comes back to normal and works fine. But this keeps on repeating for account lockout. Why is this behavior?
<event date="Nov 07 06:16:36 +00:00" severity="4" hostName="NS SERVER" source="Altiris.NS.Server.GroupMessaging_Trace" module="w3wp.exe" process="w3wp" pid="8848" thread="133" tickCount="1374681059"><![CDATA[[w3wp.exe:/LM/W3SVC/1/ROOT/Altiris/ActivityCenter/Service-12-129967406865629574] Unable to retrieve the list of registered mmfs as the security context is not ready.]]></event>
<event date="Nov 07 06:16:38 +00:00" severity="1" hostName="NS SERVER" source="Altiris.NS.Server.GroupMessaging_Trace" module="w3wp.exe" process="w3wp" pid="8848" thread="280" tickCount="1374683384"><![CDATA[[w3wp.exe:/LM/W3SVC/1/ROOT/Altiris/ActivityCenter-11-129967406804477467] <_lm_w3svc_1_root_altiris_activitycenter_11_129967406804477467_9ef05ba5551947f6b570773de504d669> Failed to create security context for channel: Altiris.NS.Utilities.ImpersonationException: Could not logon as user "Domain\appidcelint". Current user is "IIS APPPOOL\Classic .NET AppPool". Token=0, LastError=1909 (The referenced account is currently locked out and may not be logged on to). ---> System.ComponentModel.Win32Exception: The referenced account is currently locked out and may not be logged on to
--- End of inner exception stack trace ---
at Altiris.NS.Utilities.Impersonate.CreateUserLogonToken(String domain, String user, String password, Int32 logonType, Int32 logonProvider, IntPtr& token1)
at Altiris.NS.Utilities.Impersonate.ImpersonateAsSvc()
at Altiris.NS.Server.GetSecurityContextForNSChannel()
at Altiris.GroupCommunications.Channel.CreateSecurityContextCallbackWrapper()
**CEDUrlStart** :http://entced.symantec.com/entt?product=SMP&version=Unknown&language=en&module=BxUshTrphjeZZQWUdFx8ZNxP8F/hNYa1UDCJd1y8S7w=&error=931233821&build=**CEDUrlEnd**
]]></event>
<event date="Nov 07 06:16:38 +00:00" severity="4" hostName="NS SERVER" source="Altiris.NS.Server.GroupMessaging_Trace" module="w3wp.exe" process="w3wp" pid="8848" thread="280" tickCount="1374683399"><![CDATA[[w3wp.exe:/LM/W3SVC/1/ROOT/Altiris/ActivityCenter-11-129967406804477467] Unable to retrieve the list of registered mmfs as the security context is not ready.]]></event>
<event date="Nov 07 06:16:39 +00:00" severity="1" hostName="NS SERVER" source="Altiris.NS.Server.GroupMessaging_Trace" module="w3wp.exe" process="w3wp" pid="8848" thread="280" tickCount="1374684055"><![CDATA[[w3wp.exe:/LM/W3SVC/1/ROOT/Altiris/ActivityCenter-11-129967406804477467] <_lm_w3svc_1_root_altiris_activitycenter_11_129967406804477467_9ef05ba5551947f6b570773de504d669> Failed to create security context for channel: Altiris.NS.Utilities.ImpersonationException: Could not logon as user "Domain\appidcelint". Current user is "IIS APPPOOL\Classic .NET AppPool". Token=0, LastError=1909 (The referenced account is currently locked out and may not be logged on to). ---> System.ComponentModel.Win32Exception: The referenced account is currently locked out and may not be logged on to
--- End of inner exception stack trace ---
at Altiris.NS.Utilities.Impersonate.CreateUserLogonToken(String domain, String user, String password, Int32 logonType, Int32 logonProvider, IntPtr& token1)
at Altiris.NS.Utilities.Impersonate.ImpersonateAsSvc()
at Altiris.NS.Server.GetSecurityContextForNSChannel()
at Altiris.GroupCommunications.Channel.CreateSecurityContextCallbackWrapper()
**CEDUrlStart** :http://entced.symantec.com/entt?product=SMP&version=Unknown&language=en&module=BxUshTrphjeZZQWUdFx8ZNxP8F/hNYa1UDCJd1y8S7w=&error=931233821&build=**CEDUrlEnd**
]]></event>