4/5/2012 11:33:03 AM
OK, so our AD is fully secured, we have 3 groups for secret server access types. They are restricted to changes to myslef and one other admin in the building. Neither of us made changes, and AD logging does not show changes on these groups either.
This morning a user complained he could not see anything in Secret Server. Last night the auto sync removed him. I had to manually sync this morning to get it working for him again. logs search for him below going back to user creation. The only thing I can think of would be that I applied the latest patch yesterday morning.
04/05/2012 09:25:57 cpgreeley.com : Adding user "mpeters" to group Secret Server Write Access.
04/04/2012 21:26:32 cpgreeley.com : Disabling user "cpgreeley.com\mpeters". Reason: Not found in a synchronization group.
04/04/2012 21:26:30 cpgreeley.com : Adding user "mpeters" to group Secret Server Write Access.
04/04/2012 21:26:30 Removing user "mpeters" from group Secret Server Write Access. Reason: user no longer belongs to that Active directory group.
01/11/2012 11:02:11 Updating Active Directory user "mpeters".
08/22/2011 22:56:37 Updating Active Directory user "mpeters".
07/31/2011 21:14:58 cpgreeley.com : Adding user "mpeters" to group Secret Server Write Access.
07/31/2011 21:14:57 cpgreeley.com : Creating Active Directory user "cpgreeley.com\mpeters".
Anyone seen something like this or have any ideas to look at?