How to change the One Identity Cloud Access Manager service account.
After changing the service account, it is no longer possible to log in to the Admin page.
The Application Portal cannot be reached, although the status on the Home page shows green and the proxy is up and running.
Error.html appears with the message: "Error. An unexpected error has occurred. Please contact your Cloud Access Manager administrator to check the logs for additional details."
CAUTION: Changing the service account without following the proper steps will break login to the Admin page.
1. Very important: Back up all Cloud Access Manager (CAM) hosts (Proxy, STS and DB), for example by taking snapshots of each VM or making backup copies of the databases.
2. Create a new user in Active Directory to be used to run the CAM components, for example “cam-service”, and set the password to never expire. No special privileges or groups are required, just a standard domain user.
4. Using SQL Management Studio, run the following SQL on ALL CAM databases:
EXEC sp_addrolemember 'db_owner', 'CTUser'
5. Reinstall CAM on the STS host(s), entering the new user at the beginning of the install wizard.
6. When the installer completes, the RSTS service and IIS app pool will be running as the new CAM user.
See example screenshots:
7. In the CAM Launch wizard:
- Enter the same Proxy Hostname as was set prior to uninstallation.
9. Complete the Launch wizard configuration on the STS server.
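To confirm the result of steps 2 and 6 on the STS host, the following PowerShell check can be run. It is an added example, not part of the vendor procedure. It assumes the account name “cam-service” from step 2 and that the ActiveDirectory and WebAdministration modules are installed; it finds services and app pools by their run-as identity rather than by name.

```powershell
# Added verification example; not from the vendor article.
# Assumption: the service account uses the article's example name.
$Account = 'cam-service'

Import-Module ActiveDirectory
Import-Module WebAdministration

# True for DOMAIN\cam-service, cam-service@domain and the bare name.
function Test-IsCamAccount([string]$Name) {
    ($Name -like "*\$Account") -or ($Name -like "$Account@*") -or ($Name -eq $Account)
}

# Step 2: standard domain user, enabled, password set to never expire.
# MemberOf excludes the primary group, so an empty list means no extra groups.
$user = Get-ADUser -Identity $Account -Properties PasswordNeverExpires, MemberOf
[pscustomobject]@{
    Account              = $user.SamAccountName
    Enabled              = $user.Enabled
    PasswordNeverExpires = $user.PasswordNeverExpires
    ExtraGroups          = @($user.MemberOf).Count
}
if (-not $user.PasswordNeverExpires) {
    Write-Warning "Password for $Account is not set to never expire."
}
if (@($user.MemberOf).Count -gt 0) {
    Write-Warning "$Account is a member of extra groups; step 2 requires none."
}

# Step 6: Windows services running as the new account.
$services = Get-CimInstance -ClassName Win32_Service |
    Where-Object { Test-IsCamAccount $_.StartName } |
    Select-Object Name, State, StartName

# Step 6: IIS application pools running as the new account.
$pools = Get-ChildItem IIS:\AppPools |
    Where-Object { Test-IsCamAccount $_.processModel.userName } |
    Select-Object Name, State, @{ n = 'Identity'; e = { $_.processModel.userName } }

$services | Format-Table -AutoSize
$pools    | Format-Table -AutoSize

if (-not $services) { Write-Warning "No service is running as $Account." }
if (-not $pools)    { Write-Warning "No IIS app pool is running as $Account." }
```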