Running Configuration Wizard fails with error The password for '' could not be validated

book

Article ID: 100009043

calendar_today

Updated On:

Description

Error Message

The password for '' could not be validated. Check that you have entered the correct password and that the account is not disabled and has not expired. Reason: The parameter is incorrect.

An error occurred while attempting to repair orphaned Computer Entry in Directory. Failed to read the services for computer '[EV-SERVER-NAME]'.

Event ID : 8418 Failed to get user groups with domain group error code and local group error code 2221.

V-437-8418

Running a dtrace for the following processes: AdminService, DirectoryService and EVRunDll might help to identify this problem. The following entries could confirm a DNS configuration issue:

(EVRunDll) EV:H VaultCoCreateInstanceEx: An error occurred - RequestedServerName = [EV_SERVER_NAME], UsedServerName = [EV_SERVER_IP_ADDRESS], hrCCI = [0x80070005], hrResultsQI = [0x80004005], NumTried = [6], bLocalMachine = [False]

(EVRunDll) EV~E Event ID: 8418 Failed to get user groups with domain group error code and local group error code 2221

Running the following command from Windows command prompt will provide more details for error code 2221:

C:\>net helpmsg 2221

The user name could not be found.

Cause

It has been observed that this issue might be generated due to a DNS configuration issue, where the Enterprise Vault alias has not been updated correctly.

Resolution

A network packet trace could provide more details to troubleshoot this issue further. Use a network packet trace program, such as Wireshark to capture a network packet trace:

Check DNS resolution failure for Windows DC/GC/AD servers:
- NBNS (NetBIOS) packets with error "Name query response, Requested name does not exist", means that a DC/GC/AD server might not be available.
- ICMP (Internet Control Message Protocol) packets with error "Destination unreachable (Port unreachable)", means that the program tried to connect to a server that is not reachable (router or firewall configuration).
Check for entries with EV_SERVER_NAME from dtrace logs RequestedServerName = [EV_SERVER_NAME].

In order to resolve this issue, following actions could be performed:

Confirm that all Enterprise Vault alias has been updated on all DNS servers.
Verify Enterprise Vault network settings and DNS configuration as well. If necessary, force Enterprise Vault server to connect to a specific DNS server as a troubleshooting step.
Use ping, nslookup, and tracert command to confirm full connectivity between Enterprise Vault server and Windows DC/GC/AD servers.
Compare network subnet between old and new Enterprise Vault server to confirm both match.

Issue/Introduction

When running the Enterprise Vault Configuration Wizard to repair or to re-add an existing Enterprise Vault server to an existing site, after entering the name of the existing SQL server and clicking next, the configuration wizard asks for the Vault Service Account password. As shown below, the 'Account' field might be blank:

After entering the password and clicking OK, the following error message is generated: The password for '' could not be validated. Check that you have entered the correct password and that the account is not disabled and has not expired. Reason: The parameter is incorrect.

The password for '' could not be validated.

Was this article helpful?

thumb_up Yes

thumb_down No

Welcome to "KB Articles"