The Password Synchronization Agent is not responding or receiving requests.

book

Article ID: 7981

calendar_today

Updated On:

Products

CA Identity Manager CA Identity Governance CA Identity Portal CA Risk Analytics CA Secure Cloud SaaS - Arcot A-OK (WebFort) CLOUDMINDER ADVANCED AUTHENTICATION CA Secure Cloud SaaS - Advanced Authentication CA Secure Cloud SaaS - Identity Management CA Secure Cloud SaaS - Single Sign On

Issue/Introduction

  • User Passwords are not in sync between AD and Identity Manager.
  • The password synhronization agent logs are no longer updating and there are not errors to explain why the password changes are not taking place.
  • There are no requests in the Provisioning etatrans log coming from the password sync agent. 

Cause

When a user changes their password, the password change is directed to the user's LOGON SERVER on the Domain controller. This is denoted by the %LOGONSERVER% environment variable. 

If the user's Logon Server changes to a domain controller that does not have the Password synchronisation agent installed, then password requests cannot be intercepted and directed to Provisioning. This can happen if the Password sync agent is installed on the production domain controllers but not the backup/disaster recovery domains controllers. 

 

Environment

Applicable to the Windows Password Synchronization Agent on all windows platforms.

Resolution

Additional Information

 See Also: TEC1065534 "Password Sync Agent does not propagate the password to accounts"