Skip to main content

we recently deployed BeyondTrust in our environment. so far it has been a learning process for me. I need help desperately about an issue i hope i can get help here. Thank you

 I have few dmz boxes in an address group and with local functional and scan accounts.  They all use the same functional account and password. on one of the six boxes I am getting error alert emailed with a message that the password rotate was failed Functional account..

I have tried many suggested solutions including the article available here: https://beyondtrustcorp.service-now.com/csm?id=kb_article&sys_id=53adfd211b65e2106fe95287624bcb05. 

This error only occurs on server that is newly added to the group. The rest of the five servers are fine. This seemed to relate the Functional account on the machine. This VM was newly added to the existing group that already used a Functional account rotated password. I tested and i can login with both Functional and Scan accounts, they both are in local administrators. However, An error alert is email almost every 30 minutes or so. I would appreciate any support please. I would recommend we do a remote session so i can explain better. Thank you

You might want to take a look at the BeyondTrust.Agents.PasswordServices(date).txt log in the resource broker. If you need a remote session please raise a support case.

https://beyondtrustcorp.service-now.com/csm?id=kb_article_view&sysparm_article=KB0018833

@Mohan Upadhaya with OS is your server? it might do some good to verify if you have the “LocalAccountTokenFilterPolicy” in your server, as that can cause some issues with local change in windows.

As stated in KB0018597 

Disable UAC
 

Test disabling UAC in case it is blocking, for more information regarding UAC please refer to Microsoft Microsoft User Account Control Overview

1. Go to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system

2. Right-click and select New DWORD

3. Name the DWORD "LocalAccountTokenFilterPolicy"

4. Right-click LocalAccountTokenFilterPolicy, and then click Modify.

5. Set the value to 1.
 

Reply


Badge Earners

  • BCIE: Password Safe
    Wesley Cardosohas earned the badge BCIE: Password Safe
  • BCIE: Endpoint Privilege Management - Windows
    Diliphanhas earned the badge BCIE: Endpoint Privilege Management - Windows
  • BCA: Endpoint Privilege Management - Windows
    Sarah Fadelhas earned the badge BCA: Endpoint Privilege Management - Windows
  • BCSE: Identity Security Insights
    Fabien Landaishas earned the badge BCSE: Identity Security Insights
  • BCA: Password Safe
    Andrej Vavrahas earned the badge BCA: Password Safe
Show all badges
Terms & ConditionsCookie settings