The user Name can only contain alphanumeric and the following special characters.
search cancel

The user Name can only contain alphanumeric and the following special characters.

book

Article ID: 165275

calendar_today

Updated On:

Products

IT Management Suite

Issue/Introduction

The Application Identify (aka AppID) account was changed from [SMPDom\altirissv01] to [SMPDom\altirissv02] using the steps from KB 156852
Then, an upgrade was performed via Symantec Installation Manager (aka SIM); However, during the configuration process the following error occurred:

 

The username or password doesn't contain any other different special character from the valid list mentioned above in the error message.

Related NS logs entries:

Entry 1:

Failed to validate database access credentials

Entry 2:

Failed to configure database settings.

 

Entry 3:

Failed to configure database settings.
Failed to configure database settings.

Environment

ITMS 7.6, 8.0, 8.1

Cause

In this particular instance, the customer was not logged in into the SMP server using the new AppID account. Validations needed to decrypt the account and password were not set properly while logged in with his personal account.

Resolution

This issue has been addressed with recent SIM version post-8.1.4546.

 

Previous steps to address this issue:

  1. Log out of the SMP from the personal account.
  2. Log in using the AppID account
  3. Launch SIM using elevated Admin rights
  4. Start a repair on installed products that appear misconfigured

Note: In some instances, due to the change of AppID account and the configuration failure, you may see an error like this:

DAL Generator failed.
Critical error: Failed to compile shadow assembly.

error CS1548: Cryptographic failure while signing assembly 'c:\ProgramData\Symantec\SMP\DAL\Altiris.NS.StandardItems.Dal.v4.8B3C10B1CB700CD8AB1C42C2CCF160E9F334E6F6\Altiris.NS.StandardItems.Dal.dll' -- 'Error signing assembly -- Unknown error (8013141c)'

If you do, try the following:

Give your user (In our case, the «user» should be NS «App Identity») Full Access to the following folder: C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys (or C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys in previous OS versions).

We found that in some occasions the permissions in the machine keys directory needed to have the service account (App Identity) added instead of just administrators group:

  1. Change security on directory:
    • C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys
  2. Add your App Identity account, with the following minimum "Advanced" set of permissions:
    • Create files / write data
    • Create folders / append data
    • Write attributes
    • Write extended attributes
    • Delete

After hitting apply, accept that 5 directories were "Access is denied", if any.