Hi all;
When I want to view the attributes of a Managed Service Accounts by using Attributes Tab, the following error message appears:
Any ideas?
Thanks
Error message while accessing the Attribute Editor tab of a Managed Service Account...
November 14th, 2013 6:59pm
not seen or played with managed service accounts much so will be interesting to see what others thing.....
have you tried viewing the attires from powershell - get-admanagedserviceaccount ? not sure what / if this will give you anything.
How did you connect in with ADSI?
Free Windows Admin Tool Kit Click here and download it now
November 14th, 2013 9:09pm
Hi,
Could you view the attributes for other object?
Did you check this KB article?
http://support.microsoft.com/kb/2526455
Meanwhile, hope this helps:
Managed Service Accounts: Understanding, Implementing, Best Practices, and Troubleshooting
Regards.
If you have any feedback on our support, please click here
November 18th, 2013 7:16am
Are you able to you check the attributes from ADSIEDIT. ??
Free Windows Admin Tool Kit Click here and download it now
November 18th, 2013 11:52am
Are you able to you check the attributes from A
November 18th, 2013 6:34pm
Very interesting. Do you have more than one DC? If so can you in ADUC connect to a different DC than the one you're currently connect do and see if you can reproduce the issue?
Free Windows Admin Tool Kit Click here and download it now
November 18th, 2013 6:44pm
No, just one dc with Windows Server 2012 Standard installed. I have also install all of the URs to date.
Thanks
November 18th, 2013 6:59pm
Is there any errors logged in the "Directory Service" log?
Free Windows Admin Tool Kit Click here and download it now
November 18th, 2013 7:06pm
Is there any errors logged in the "Directory Service&
November 18th, 2013 7:30pm
I think this is by design, you need to allow the DC it self to retrieve the password if you want to read it from the DC:
-PrincipalsAllowedToRetrieveManagedPassword <group> -ServicePrincipalNames <SPN1,SPN2,>
For more information see:
http://blogs.technet.com/b/askpfeplat/archive/2012/12/17/windows-server-2012-group-managed-service-accounts.aspx
Free Windows Admin Tool Kit Click here and download it now
November 18th, 2013 8:21pm
Hi,
Any update?
Please feel free to let us know if you need further assistance.
Regards.
November 22nd, 2013 2:14am
I am having this very same issue when using ADUC or the newer ADAC, was there any resolution to this.?
When I created the gMSA I used the option -PrincipalsAllowedToRetrieveManagedPassword to specify a group, and in that group I have added machine accounts that I want to be able to use the gMSA. Domain Controller computer accounts are in this group, but whenever I go to Attribute Editor in ADUC or ADAC I get the error. Interestingly I can Install and Uninstall the gMSA on the Domain Controller just fine.
Free Windows Admin Tool Kit Click here and download it now
May 13th, 2015 4:42am
Hi,
Please post a new thread about the issue. Since the original thread is for years.
Regards.
May 13th, 2015 9:26pm
This topic is archived. No further replies will be accepted.
Other recent topics
