This monitor checks that a set of Run As accounts are authorized. Authorization can be restricted when an administrator runs the HSLockdown tool.
Knowledge Base article:
Summary
One or more Windows credentials being used in a Run As account have been blocked on this computer.
Below is a summary of the default configuration of this monitor:
Warning state: Transition to warning state if the System Center Management Health Service blocked access to the specified Windows credential (event 7017)
Healthy state: Transition to healthy state if the System Center Management Health Service has authorized all configured Run As accounts to execute (event 7025)
Causes
By default, all credentials are permitted to run on a computer. This failure will occur if one or more credentials have been denied access on the computer with the HSLockdown tool.
Resolutions
The monitor will not return to a healthy state until all credential authorization issues are resolved on this computer. A 7025 event will be generated when all issues have been resolved.
You can perform the following steps to resolve the problem:
Identify the credentials that are trying to load but have been denied access to the computer. Look for 7017 events on the computer in question.
If the credentials should be permitted, run HSLockdown.exe with the "/A" parameter to add the credentials.
If the credentials should not be permitted, determine which Run As profiles are using these credentials and remove these credentials from those profiles. Update the profiles with permitted credentials.
If the workflows should not be running on this computer, use overrides to disable the workflows.
Home
ENU