Forum Discussion
ATP sensor fails to start since yesterday
Hi there, we run the ATP sensor with a gMSA account on all domain controllers. Yesterday we restarted all machines because of January patch day and now the ATP sensor will get stuck while startin...
No. I had a long support case with MS and we did not find a real solution. At the end they asked me to create yet another gMSA and it was working then for a few days. Exactly long enough to close the case.
Now a few days later some of the DC's show the same error again. I think, I'll go back to a normal account. Seems like this gMSA stuff is somehow broken.
Now a few days later some of the DC's show the same error again. I think, I'll go back to a normal account. Seems like this gMSA stuff is somehow broken.
- ingo-boettcher does your kds-rootkey possibly point to a demoted/deleted DC?
- there were two root keys, where one pointed to an old DC that was no longer in use for years. I have removed this old key and will see what happens.
But the key was from 2013, the old DC removed at least five years ago and the gMSA was working with ATP for some years... but we'll see!- Please let me know
- I'm getting the same error (version 2.239.18125.50420). KDS root key was pointing to a demoted DC, but reassociating it to a current DC has made no difference.
Similar scenario to the OP, where one DC out of 20+ is fine, but the others are busted. Strangely, the GSMA is being used across a forest trust and those DCs are all fine.
