SharePoint Thoughts - Discussion view

Bug update: Deleting the underlying account of an SPManagedAccount

Posted on 6/1/2010 1:55 PM by Maurice Prather

Quick update on the bug that I reported a few weeks ago...

During the MCM class, I had a chance to follow up on the SPManageAccount issue. It turns out that the Managed Account feature simply looks up the account based on the actual string representation of the account (i.e. domain\account) rather than relying on the SID.

When I uncovered this problem, we had been actively using the account, discontinued use (but left it in the SPManagedAccount collection), and deleted the account from AD. Since we had already loaded the information into memory, the netlogon api had effectively cached the user information. Thus, subsequent lookups appeared to fail even though we had tried the simple process of recreating an identically named account (cached sid value didn't match the new sid value). If we had just waited 15-20 minutes for the cache to timeout, we would have found that creating a new account with the same name would have worked.

Net result: the bug is not as bad as it seems. You are not required to restore the orginal account (sid). Wait for the system to flush out the old cached values, then create a new account with the same login name. At that point in time, you should be able to regain functionality and properly clean up your SPManagedAccount collection.

Thanks to Todd and Sean for helping unravel the issue...

-Maurice

Today's hottest posts!

Your Top 10 List...Or How To Gather Usage Statistics with SharePoint

A developer's point of view on understanding the "not registered on this site as safe" error message

Let’s talk about blogging with SharePoint... [Post 1/3]

Building a blog with SharePoint – the fundamentals [Post 2/3]

Advanced coding technique: using AppDomains to get past OM limitations

Updated: Fri, 03 Sep 2010 00:46:55 GMT