Remove-SPManagedAccount is not working or you can't remove Managed Accounts from GUI

The Problem

I had to change the farm administrator because the IT decided not to use a single account as local admin anymore.

So I changed the farm account with powershell and adapted all the services. The only think was that I had forgot to delete the account from the managed accounts list.

Weeks passed and I stumbled over the account in the managed accounts list. When I tried to open the link "Security" -> "Configure managed accounts" I got an exception.

The error was obvious. The account which was deleted from the AD could not be resolved.


1.Try

I created the user again in the AD. After that the error in UI disappeared but when I tried to deleted the managed account from the list, I got following error.



2. Try

It seemed that there some services still reference this account.

The first thing was to check the IIS Application Pool accounts. Then I checked twice the settings in the CA "Security" -> "Configure Service Accounts" section.

The second thing was to delete the user from the sitecollection. Check if the user is still Site Collection Admin of the Central Administration site, check all Web Service Policies and delete the user from the site collection:

  • http://<cadmin:port>/_layouts/people.aspx?MembershipGroupId=0

After that I tried to delete the account again with no success.

You can check the pools with PowerShell easily by typing: Get-SPServiceApplicationPool

3.Try

The solution was in this post http://techilatalk.com/remove-spmanagedaccount-not-working/.

Steps to do.

  1. Find the id of the managed account
    1. Open "SharePoint Management Shell"
    2. Typ: Get-SPManagedAccount | FT UserName
    3. You'll see a list of managed accounts. Remember the login name.
      $acc = Get-SPManagedAccount -identity "domain\login"
    4. Type $acc.Id and copy the ID.
  2. Open SQL Server Management Studio. You can open this tool from every server which has access to the database. Only open it with Shift + Right Click & "Run as different user". Enter the logins from farm admin.

    1. Click "New Query"
    2. Enter following query whereas the ObjectId is the id of the managed account. The name of my config database is "ST_ConfigDb". Your config DB has surely an other name.


    3. We now see that the account has two dependencies. Now check the dependencies. The dependencies table refer objects from table objects.


    4. Now I see that the account refers to 2 pools with the name ST_Apps and SP01_MySites.
      The application pool ST_Apps doesn't exist anymore and I had already checked the account for the service SP01_MySites. That's wired.
    5. Next I checked if this can be an old reference, maybe a ghost one:


    6. And yes there was a second entry. I'm sure that this is an old reference.  So I went back to the dependencies tables, executed the first query again, made a copy of the line as backup and deleted both rows
  3. Delete the managed account
    1. Open SharePoint Management Shell
    2. $acc = Get-SPManagedAccount -identity "domain\login"
    3. Remove-SPManagedAccount $acc
    4. Check with Get-SPManagedAccounts


!! This solution is not supported from Microsoft. Microsoft does not support any changed made directly to the database.

Unfortunately I could not find any other solution.


Comments

Post a Comment

Popular posts from this blog

Open SharePoint 2010/2013 Display, Edit, New Forms in Modal Dialogs

Image
If you want to open a SP 2010 or in SP 2013 list item in a modal dialog you have two choices. Using the standard JavaScript functions or creating own functions. How to find which item URL is called If the dialog box appears you don't have an address bar to pick up the called URL. To see which URL is called when you edit or open a list item use the Internet Explorer Developer Tools. Open your source list in the Internet Explorer. Press F12 to open the developer tools. Click on the "Network" tab and then on "Start Capturing" Now click the link you want to track. You'll see the requests listed and you can also copy the urls for your need. SharePoint usually calls the /_layout/listform.aspx with the list parameter. The form then redirects to the appropriate list form. Method 1: Using core functions When using SharePoint 2010 core javascript functions to open elements in dialogs mostly you'll need to know : the ID of the l
Read more

Ways to redirect http requests in SharePoint

Image
The are multiple szenarios when you need a redirect in SharePoint: You've migrated SharePoint into a new URL (e.g http://sp2010 to http://sp2013) You moved a site collection You moved a sub site into a new site collection If you want to redirect in SharePoint without custom solutions you have the following options: Redirect with XML Viewer or Content Editor WebPart You can redirect with JavaScript by inserting a WebPart into the site and adding simple JavaScript. This is easy to configure but redirects only the site in which the WebPart sits (Probably the Mainsite). If users have saved links the their document libraries this method fails, unless you put the same WebPart into the document library. So go to the site you want to redirect and the XML Viewer WebPart. Open the WebPart settings and add the following line of code: <script type="text/javascript"> location.href = "<<the url you want to redirect>>"; </s
Read more

How to create a FAQ in SharePoint with OOB features

Image
There are lots of stuff in the web around how to create a FAQ in SharePoint. In this post I'll show you some tricks what you can do with additional OOB SharePoint tools to have also some search and some style within your FAQ to impress your customer. It also shows you the power of SharePoint as a developer platform. The requirements for our FAQ are: Easy to maintain Easy to search content Add documents as links in FAQ Grouped FAQ content Export FAQ when needed into a report To understand this post you should have some basic know-how about: SharePoint Lists SharePoint List Views HTML, CSS JavaScript (SharePoint Client API) SharePoint WebParts CAML or you just follow the instructions. The following image shows us the final page. Final FAQ Pag Our FAQ page has a FAQ list and a document library. This is useful if you want to link on some documents in your FAQ. The page has a list WebPart with a special grouped view and also2 quick searches fo
Read more