Application ID account locks out after rebuilding Notification Server
search cancel

Application ID account locks out after rebuilding Notification Server


Article ID: 164684


Updated On:


IT Management Suite


After rebuilding a Notification Server and attaching an existing databases, multiple applicatoin ID lockout instances occur the next time that the agent upgrade is activated

'Account is locked' type messages in the Altiris log viewer refering to the application ID (the account under which the Altiris Service runs) 


ITMS 8.0 agent versions prior to HF3 that have been migrated to a new or rebuilt Notification Server


Clients were retaining old cached credentials from the previous server after the switch to the new server.


The issue has been resolved in 8.0 HF3 and later versions of ITMS.

Customer's who need to remediate the issue manually can clear the credential cache on the agent with the command below: 

  1. Copy the SMATool from the NS (found at <Program Files>\Altiris\Notification Server\Bin\Tools\SMATool.exe) to the client under, say c:\temp:
  2. Run the following from an administrator cmd line:

smatool /storage delete {FE2E72CB-AC36-4448-8A23-FB6B14F41B2F}
smatool /storage delete AgentCore\ConnectionProfiles\{40945216-7a60-474d-a2c7-e12733714312}\{FE2E72CB-AC36-4448-8A23-FB6B14F41B2F}

The second command may give a ‘not found’ error, but that’s ok.

       3. Next try the agent upgrade on only that client and see if there’s a lockout. On success scale up the task to other affected machines