Automating FIM Syncs but "A Specified Logon Session Does Not Exist!" WTF does that mean?
Personally, I think it would be really nice -- and perhaps is long overdue -- for the FIM Synchronization engine to provide functionality to allow for the automated execution of run profiles on a schedule, but until that sweet day, we need to use the standard process of executing the run profiles via a script, initiated from a scheduled task.
Anyway, I digress...
This morning, while attempting to create a scheduled task to run my automation script (under the security context of a service account WITH a persisted password), this usually routine effort was thwarted with the following error message when I attempted to save it:
An error has occurred for task [NAME OF SCHEDULED TASK]. Error Message: The following error was reported: A specified logon session does not exist. It may already have been terminated.
What this jibber-jabber is saying is that there is a local policy preventing you from persisting (i.e. storing) the specified service account's password.
To verify this:
- Open up your Local Security Policies.
- Navigate to Security Settings --> Local Policies --> Security Options
- Open up the policy, Network access: Do not allow storage of passwords and credentials for network authentication
- If that policy is enabled locally, you will need to disable it in order to persist the password for your service account.
As usual, if your ability to change it is grayed out or otherwise unavailable, you either do not have rights to change the policy or the policy is controlled by GPO. Either way, you will need to disable this policy in order to get past this.
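The same check can be scripted instead of clicked through. The PowerShell below is an added example, not part of the original post; it assumes the policy is backed by the `DisableDomainCreds` DWORD under `HKLM\SYSTEM\CurrentControlSet\Control\Lsa` (1 = enabled), and the function name `Get-CredentialStoragePolicy` is hypothetical.

```powershell
# Added example: report whether "Network access: Do not allow storage of
# passwords and credentials for network authentication" is enabled.
# Assumption: the policy is stored as the DisableDomainCreds DWORD (1 = enabled).
function Get-CredentialStoragePolicy {   # hypothetical helper name
    [CmdletBinding()]
    param(
        # One or more hosts to check; defaults to the local machine.
        [string[]]$ComputerName = @($env:COMPUTERNAME)
    )

    $check = {
        $key  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
        $name = 'DisableDomainCreds'
        $prop = Get-ItemProperty -Path $key -Name $name -ErrorAction SilentlyContinue
        # An absent value means the policy was never set, i.e. not enabled.
        $value = if ($null -ne $prop) { [int]$prop.$name } else { 0 }
        [pscustomobject]@{
            ComputerName       = $env:COMPUTERNAME
            DisableDomainCreds = $value
            PolicyEnabled      = ($value -eq 1)
            # The scheduled task can only store the service account's
            # password when the policy is not enabled.
            CanPersistPassword = ($value -ne 1)
        }
    }

    foreach ($computer in $ComputerName) {
        if ($computer -eq $env:COMPUTERNAME) {
            & $check
        } else {
            # Remote hosts require PowerShell remoting (WinRM) to be enabled.
            Invoke-Command -ComputerName $computer -ScriptBlock $check |
                Select-Object ComputerName, DisableDomainCreds, PolicyEnabled, CanPersistPassword
        }
    }
}

# Check the local FIM Synchronization server.
Get-CredentialStoragePolicy | Format-List
```

If `PolicyEnabled` returns to `True` after a Group Policy refresh, the setting is being applied by GPO and has to be changed there rather than locally.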