AnsweredAssumed Answered

Can't change Scheduled Task password with proxy: PAM-CM-3466 error

Question asked by boatguypat Employee on Feb 23, 2018
Latest reply on Mar 20, 2018 by boatguypat

I am using PAM 3.0.1. I have the current Windows Proxy running on Windows box 2 (Windows Server 2012 R2). The service is running under the local Administrator account. It is set up / able to mange local account passwords on Windows box 1 (Windows server 2008 R2).

  1.  I have a local Windows box 1 account being managed, and use that account to discover other local accounts on Windows 1. That works fine.
  2. I then take 1 of the discovered accounts under management. That works fine. This account (adm1) has both a scheduled task and a service running under it.
  3. I enable task and service discovery on the target application, re-run the discovery, and find both the service and task.
  4. I "Update" to add the service/task to the adm1 managed account in the Discovery menu. This step does not attempt to update any passwords.
  5. I then return to the adm1 managed target account, view the service/task, generate a new credential, and force a password change. Upon saving, I get a Warning/error  "PAM-CM-3466: Error updating task credentials."

 

What is interesting, if i re-open the target account (adm1), supply a password to PAM to change the account to, then manually update the task on Windows box 1 to that password, then it will remain in sync with PAM (PAM will update the Task password along with the account password). Scratch that - it does not stay sync'd. Wondering if i am performing something out of sequence that is preventing the sync-up. The Service syncs up immediately - no problems there.  

Outcomes