Sitecore Admin Account Locking
We are experiencing an issue with our Admin account becoming locked out on a regular basis. We have CES installed on it's own server. The content management server site receives an error in the searchboxview.cshtml since the account is locked. This error is not shown on the content delivery site since the securtyconfiguration block of the searchprovider.config is set according to documentation.
<securityConfiguration type="Coveo.Framework.Configuration.SecurityConfiguration, Coveo.Framework"> <SkipSitecoreCredentialsUpdate>true</SkipSitecoreCredentialsUpdate> <SkipSitecoreLoginCheck>true</SkipSitecoreLoginCheck> </securityConfiguration>
The searchprovider.config of both CM and CD have a matching setup except for the changes we made to CD. If we unlock the account, the CM site works again, and there are no issues or errors thrown until the account is somehow locked again. While it is unlocked we are able to search without issue. If any further information is needed, let me know.
Exception: Coveo.Framework.Exceptions.CoveoIndexConfigurationException Message: There was an error in the Coveo Index Configuration.: Either the SitecoreUsername or SitecorePassword configuration value is invalid. Please enter valid credentials. Source: Coveo.Framework at Coveo.Framework.Configuration.CoveoIndexConfiguration.Validate() at Coveo.SearchProvider.ProviderIndexBase.Initialize(IIndexDocumentPropertyMapper`1 p_DocumentTypeMapper) ManagedPoolThread #13 00:47:41 ERROR Exception Exception: System.Reflection.TargetInvocationException Message: Exception has been thrown by the target of an invocation. Source: mscorlib at System.RuntimeMethodHandle.InvokeMethod(Object target, Object arguments, Signature sig, Boolean constructor) at System.Reflection.RuntimeMethodInfo.UnsafeInvokeInternal(Object obj, Object parameters, Object arguments) at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr, Binder binder, Object parameters, CultureInfo culture) at System.Reflection.MethodBase.Invoke(Object obj, Object parameters) at (Object , Object ) at Sitecore.Pipelines.CorePipeline.Run(PipelineArgs args) at Sitecore.Jobs.Job.ThreadEntry(Object state)
If your Sitecore admin account is not
sitecore\admin or its password is not "b" or you changed its password recently, you have to set the Sitecore credentials in Coveo for Sitecore (see Configuring the Sitecore Credentials). This will update the
<SitecorePassword> nodes of your
After the change, you need to index at least 1 Sitecore item for the credentials synchronization with CES to be done. You should also synchronize the changes to the config files on all your CD servers. The password is encrypted with the
\Data\Coveo\ConfigurationEncryptionKeys\RijndaelEncryptionKeys encryption key. You should also ensure this key is the same on all the CM and CD servers.
Those credentials are set in a User Identity in CES that is used by the CES Security Provider to expand the Sitecore roles while indexing.