ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.
After changing the AppID password, the Altiris Account keeps locking up.
Article ID: 161516
Management Platform (Formerly known as Notification Server)
After changing the password for the Application Identity (AppID), the Altiris account keeps locking up constantly without a specific reason. There is no specific errors in the Event logs and Notification Server logs that points to the specific application or process that is causing it.
There are multiple reasons for such problem. Some of the most common are:
1. There are some Scheduled Tasks and Active Directory Imports that may be using the AppID as user but having the old password still associated to them.
2. There are services outside the SMP where the customer is using the same AppID account, such as the SQL service account and still the account is not updated
Make sure that you followed the suggestions on the following KB Articles:
KB TECH194254 "How to change the password of the Application Identity account"
KB HOWTO1065 "Application Identity—how to change the password"
KB HOWTO10009 "How to change the Notification Server's Application Identity"
KB TECH44284 "AeXConfig.exe /svcid command does not set application id or service credentials"
Verify that there are not Scheduled Tasks running under the Altiris account. Usually you can identify those tasks by looking on those that have a Status saying "Could Not Start" or "Never". By default those should be running under NT AUTHORITY\SYSTEM. Try to change the "Run As" account under the Properties of those Scheduled Tasks that are not running or add the new password to those tasks that are using the Altiris account.
Verify that you don't have Active Directory Import Rules that are using the Altiris Account with the old password. It is recommended to use the "Use Application Credentials" for authentication.
Verify you don't have another service outside SMP that uses the same AppID account to run the service, such as the SQL service account on your SQL server.
You may need to check any other configuration that uses Authentication processes. Some of them could be:
Package Servers (under Settings> All Settings> Notification Server> Site Server Settings> Package Service> Advanced> Package Servers Settings).