Submit a ticketCall us
Home > Success Center > Web Performance Monitor (WPM) > WPM - Knowledgebase Articles > "Could not use domain accounts for Agent workers" message appears after WPM Player fails

"Could not use domain accounts for Agent workers" message appears after WPM Player fails

Updated November 29, 2018

Overview

This article describes how to resolve an error message that may appear in the Orion Web Console after trying to play a recording in the WPM Player:

Could not use domain accounts for Agent workers

 

When you play a recording, the WPM Playback Player service tries to validate that domain accounts included in the WPM Player configuration exist in the domain, which involves the following steps: 

  1. WPM uses the credentials of the user that launched the WPM Player to connect to Active Directory.
  2. The WPM Playback Player service uses Windows System account credentials to connect to Active Directory.
  3. For each domain account in the WPM Player configuration, a query is sent to Active Directory to check if the user exists in Active Directory.
  4. The WPM Playback Player connects to the Orion Server (or perhaps an Additional Polling Engine, depending on the setup) to report the connection status.

 

If the WPM Playback Player service cannot validate that at least one user exists in Active Directory for a domain account, a "Could not use domain accounts for Agent workers" message appears in the Location Details widget on the Transaction Summary > Location Details view of the Orion Web Console.

Results like those shown below appear in AgentService.log files.

2018-10-25 16:16:04,219 [7] ERROR 
SolarWinds.SEUM.Agent.WorkerProcessManagement.WorkerProcessManager - Invalid domain 
account settings.
System.Runtime.InteropServices.COMException (0x8007200A): The specified directory

service attribute or value does not exist.
2018-10-25 16:16:04,219 [7] ERROR 
SolarWinds.SEUM.Agent.WorkerProcessManagement.WorkerProcessManager - No user account 
for Session Manager was found."

By default, AgentService.log files are stored on target player machines in C:\ProgramData\Solarwinds\Logs\SEUM

 

Environment

  • WPM 2.0 and later
  • Windows environment with Active Directory

Cause

When WPM queries Active Directory to check if users exist for domain accounts (see step 3 above), the Active Directory configuration does not provide read access to the following Organizational Units (OUs).

  • CN=Users
  • CN=Computers

If the WPM Player cannot verify a domain account for WPM worker processes, it cannot play transactions.  

Resolution

  • Locate the domain computer account that belongs to the WPM Player location (domain\WpmPlayerLocationHostName$).  
  • Provide the domain account with read access to all Active Directory objects. If that option conflicts with your organization policies, provide read access to at least the default OUs, especially the following:
    • CN=Users
    • CN=Computers
 
Last modified

Tags

Classifications

Public