search cancel

AD service account Password Change Not Propagating to Connectors

book

Article ID: 214918

calendar_today

Updated On:

Products

CA Identity Suite

Issue/Introduction

We recently upgraded our connector servers to CP5.  Last night was our first AD service account password change since the upgrade.  We followed the instructions previously provided as we have many times before, but the service account to the endpoint kept locking itself out.  We verified the password we had.  We updated the credentials in the application numerous times and received success messages each time that the stored credentials had been updated.

We eventually restarted the connector servers, and they picked up the password changes and the application began working again.  It does not appear that the password had propagated to the Windows connector servers properly.  Have the instructions for password updates changed in CP5?  Is this an indication that something is wrong with the application or with our CP5 upgrade?  Should connector restarts always be required for password changes, now?


Resolution

When changing the AD service account, you should first shut down all but one connector server, reset the AD service account password, then restart the other connector servers.