Troubleshooting
Problem
A typical GMSA account normally ends with a '$' character at the end of the username
See: https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/service-accounts-group-managed
When attempting the following actions with a group-managed service account (GMSA) an error is encountered creating a security file.
The same issue is encountered even if the userid is not a GMSA account but contains the '$' character as part of the username.
for example...
log in to the system as 'application_user$'
(i) execute 'tacmd login -s hubTEMS -u application_user$
log in to the system as 'application_user$'
(i) execute 'tacmd login -s hubTEMS -u application_user$
Symptom
The tacmd login command fails with the following error:
+6283439C.0000 </SOAP-CHK:Success></SOAP-ENV:Body></SOAP-ENV:Envelope>]
(6283439C.0001-CBC:kbbssge.c,72,"BSS1_GetEnv") USERPROFILE="C:\Users\application_user$ <=== Trailing KBB_VARPREFIX $ not allowed in env var"
(6283439C.0002-CBC:kuitacmdmain.cpp,1167,"createSecurityFile") Unable to open file [C:\Users\application_user$ <=== Trailing KBB_VARPREFIX $ not allowed in env var\.tacmd_SYSTEM.sec] for writing security token.
KUIC02013E: The software did not run the command because of an internal system error.
Contact the system administrator.
(6283439C.0003-CBC:kuitacmdmain.cpp,2824,"Login") Error 8 creating security file.
+6283439C.0000 </SOAP-CHK:Success></SOAP-ENV:Body></SOAP-ENV:Envelope>]
(6283439C.0001-CBC:kbbssge.c,72,"BSS1_GetEnv") USERPROFILE="C:\Users\application_user$ <=== Trailing KBB_VARPREFIX $ not allowed in env var"
(6283439C.0002-CBC:kuitacmdmain.cpp,1167,"createSecurityFile") Unable to open file [C:\Users\application_user$ <=== Trailing KBB_VARPREFIX $ not allowed in env var\.tacmd_SYSTEM.sec] for writing security token.
KUIC02013E: The software did not run the command because of an internal system error.
Contact the system administrator.
(6283439C.0003-CBC:kuitacmdmain.cpp,2824,"Login") Error 8 creating security file.
Document Location
Worldwide
[{"Type":"MASTER","Line of Business":{"code":"LOB67","label":"IT Automation \u0026 App Modernization"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSTFXA","label":"Tivoli Monitoring"},"ARM Category":[{"code":"a8m3p000000hBWhAAM","label":"ITM Command Line Interface\/CLI"}],"ARM Case Number":"TS009417978","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions"}]
Log InLog in to view more of this document
This document has the abstract of a technical article that is available to authorized users once you have logged on. Please use Log in button above to access the full document. After log in, if you do not have the right authorization for this document, there will be instructions on what to do next.
Was this topic helpful?
Document Information
Modified date:
10 July 2024
UID
ibm16615091