UIMADMIN id lock frequently

book

Article ID: 223281

calendar_today

Updated On:

Products

CA Unified Infrastructure Management On-Premise (Nimsoft / UIM)

Issue/Introduction

We have configured 'UIMADMIN' id in LDAP configuration, We are facing issue with frequently locked due to the user are getting 'Authentication error'.

Post we unlock the UIMADMIN then user are able to get access UMP portal for some time after then it happened to lock again.

We have changed UIMADMIN password recently post that we are getting this issue.

From hub.log:-

HUb Stopped processing ACL's due to communication error

From the AD log:-

Aug 20 18:20:06 10.1.29.161 AgentDevice=WindowsLog AgentLogFile=Security PluginVersion=7.2.9.96 Source=Microsoft-Windows-Security-Auditing Computer=HBCHADC12.hbctxdom.com OriginatingComputer=10.1.29.161 User= Domain= EventID=4776 EventIDCode=4776 EventType=8 EventCategory=14336 RecordNumber=70302389502 TimeGenerated=1629463806 TimeWritten=1629463806 Level=Log Always Keywords=Audit Success Task=SE_ADT_ACCOUNTLOGON_CREDENTIALVALIDATION Opcode=Info Message=The computer attempted to validate the credentials for an account.  Authentication Package: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0 Logon Account: UIMADMIN Source Workstation: HBCHADC12 Error Code: 0x0 

 

Environment

UIM 9.02

Hub 7.6

Resolution

Check the above error message with AD team and follow the below Document:-

https://www.manageengine.com/products/active-directory-audit/kb/windows-security-log-event-id-4776.html