Error when attempting to access Configure service accounts.
SharePoint 2010/2013
Issue: Attempting to configure service accounts errors – Correlation ID shows the following error syntax “Application error when access /_admin/FarmCredentialManagement.aspx, Error=Some or all identity references could not be translated. at system.security.principal.NTAccount….”
The story: Being a diligent admin, I was cleaning up unused accounts for simplicity and tracking. We are in the middle of deploying a large scale BI deployment and if you have done so, you understand the importance of keeping track of your service accounts. The service account I deleted was an afterthought account. An account that would possibly be used for an unattended Performance Point set up. So, first thing I did was go to good old Active Directory and removed the account, I would get to CA later… J
Well later came and in the midst of many projects and tasks, and age… it got off my radar. When the time came to get back to testing and using the farm I clicked on the “Configure Service Accounts…
Suddenly, as you can see below, the dreaded Correlation ID… Dig out ULSViewer and track it down.
So below is what I found. So my next step, based on the wording “all identity references” (for what ever reason), made me think to check the Managed account settings.
So next, back to Central Admin to check the available accounts – configure managed accounts.
The tip off for me was the missing information in the Last Password change Column. This info is directly gathered from Active Directory, not to mention, this was the account I had cleaned out of AD recently. Next I click on the X to delete it, as any good admin would and….
… another dreaded correlation ID error…
Solution: Crack open PowerShell and type the following: 1. Get-SPManagedAccount (The verification is the blank PasswordExpiration Column. 2. Get-SPManagedAccount | ? {$_.PasswordExpiration -eq $null} | Remove-SPManagedAccount . (Added this recently as I noticed my screenshots disappeared.)
The first one is strictly for verification that PowerShell is seeing what Central Administration is showing. The following command removes it from Central Administration.
Note: Attempting to use Remove-SPManagedAccount directly failed – I believe that during its reference to AD it does not see and account. The Null Password Variable is a directly correlation and reference to the SharePoint Databases therefore removing it.
Removed…
Access Restored…
In conclusion, remove the accounts from Central Administration first and be diligent… My multitasking got the best of me.