Hi everybody,
We have a PAM solution in place which works as designed. Still it seems something is not completely fine, on the server running the PAM Monitoring service warnings appears with eventIDs 872 & 824:
Log Name: Priviliged Access Management
Source: Microsoft.IdentityManagement.PamMonitoringService
EventID: 872
Level: Warning
Failed to scan PAM group [group name]. Exception: System.InvalidOperationException: Operation is not valid due to the current state of the object.
at Microsoft.ResourceManagement.WebServices.Client.Attribute.ReadValueAsBinary()
at Microsoft.IdentityManagement.PamCmdlets.Managers.PamUserManager.GetPamUserByMimUser(ResourceManager corpMimUser, Boolean nonBlocking)
at Microsoft.IdentityManagement.PamCmdlets.Managers.PamUserManager.RetrieveAllPAMUsersWithFilter(String filter, Boolean filterPamUsers, Boolean nonBlocking)
at Microsoft.IdentityManagement.PamCmdlets.Managers.PamUserManager.RetrieveAllPAMUsersWithNameFilter(String sourceDisplayName, String sourceDomain, String sourceAccountName, String privDisplayName, String additionalFilter, Boolean nonBlocking)
at Microsoft.IdentityManagement.PamMonitoring.PamSecurityScanner.GetActivePamRequests(String userSid)
at Microsoft.IdentityManagement.PamMonitoring.PamSecurityScanner.IsMember(String principalSid, String groupSid)
at Microsoft.IdentityManagement
Log Name: Priviliged Access Management
Source: Microsoft.IdentityManagement.PamMonitoringService
EventID: 824
Level: Warning
There was an error while updating users and groups. Exception: System.InvalidOperationException: Operation is not valid due to the current state of the object.
at Microsoft.ResourceManagement.WebServices.Client.Attribute.ReadValueAsBinary()
at Microsoft.IdentityManagement.PamCmdlets.Managers.PamUserManager.GetPamUserByMimUser(ResourceManager corpMimUser, Boolean nonBlocking)
at Microsoft.IdentityManagement.PamCmdlets.Managers.PamUserManager.RetrieveAllPAMUsersWithFilter(String filter, Boolean filterPamUsers, Boolean nonBlocking)
at Microsoft.IdentityManagement.PamCmdlets.Managers.PamUserManager.RetrieveAllPAMUsersWithNameFilter(String sourceDisplayName, String sourceDomain, String sourceAccountName, String privDisplayName, String additionalFilter, Boolean nonBlocking)
at Microsoft.IdentityManagement.PamMonitoring.PamUserHandlers.Monitor(IEnumerable`1 privUsers)
at Microsoft.IdentityManagement.PamMonitoring.PamMonitoringManager.Run()
Can anyone point me in the right direction what could be the cause of these warnings?
Cheers
Trumpeteer ;-)