Azure AD devices with service account see error: "An error occurred while attempting to impersonate the requested user"

Article ID: 273162

Updated On: 04-11-2025

Products

Client Management Suite, IT Management Suite

Issue/Introduction

We have a service account that we use to run tasks. The account has been synced to AAD (Azure AD) and added to the proper AAD groups.

We have scripted tasks which are set to run as this service account, which run fine for Domain or Hybrid joined devices. However, with AAD-only devices we get the following error in the Task Output:

"An error occurred while attempting to impersonate the requested user"

I have found that if I connect to the device and use RUN AS manually on any program (CMD for example) using the service account, it works fine. Also, once I run manually, the Altiris task then works afterwards. 

Environment

ITMS 8.7

Resolution

This issue was fixed in 8.7.1

If credentials are formatted as "AzureAD\name@domain", the Symantec Management Agent (SMA) first attempts the login with them as "AzureAD\name@domain". If that first login attempt fails, it then tries them as "domain\name".

The fix can be tested even without AAD by simply specifying the credentials as "AzureAD\name@domain".