Hi, I recently encountered the following situation on a DMA:
- A local user ("new_user") was created using lusrmgr.msc
- The "Add existing user..." button in System Center was used to add "new_user". The user was added as a local user.
- After a while (overnight), the "new_user" turned out to be deleted both from DataMiner and from the Windows OS.
And I noticed the following notice entries:
The problem turned out to be that the "Add existing user..." button should be used for domain users, and if local users are to be created, they should be added via DataMiner using the "Add new user..." button (not the procedure above).
But my question is about the process that is deleting users as per the notices above and what would trigger such a process to occur? Does a security audit on users occur on a daily basis?
Hi Bing,
The actions you're seeing ("User - xxxx - password not known by dataminer. User will be deleted.") are actually being executed at DataMiner startup only, not on a daily basis.
The message means that DataMiner found a record for a non-deleted local user in its security configuration, but that this user does not exist on the Windows level. DataMiner will then try to recreate that local user on the Windows level. When no password information is available for the user in the DataMiner configuration, the user cannot be recreated and gets removed from the DataMiner configuration.
My main guess is that the local user account did not exist at Windows level on at least one of the DMAs in the cluster. Using "Add existing user" synchronized the user in the DataMiner configuration (without a password). Restarting one of the agents that didn't have the Windows user caused the user to be deleted.
That said, my advice for adding local accounts would be to either use "Add new user", or to use the "Add existing user" followed by setting a new password through DataMiner.
Thanks Wouter, for the insights. I’ll try out your suggestions.