Error Message: You can only delete an account domain when it is not being referenced in the password or shared key checkouts.

  • 7022841
  • 11-Apr-2018
  • 11-Apr-2018

Environment

Privileged Account Manager 3.2

Situation

An existing password checkout request fails to check back in preventing deletion of the account domain from the crdvlt
Trying to delete an Application Account Domain that has previously been used for Password Checkout from the Privileged Credential Vault (crdvlt) results in the following error dialog from the browser:

Please try again. Error Message: You can only delete an account domain when it is not being referenced in the password or shared key checkouts.

Resolution

A credential has been actively checked out and has not yet been checked in successfully.
Please refer to the DEBUG unifid.log for more details on the reason for this failure.
Once all pending credentials have been checked back in, then deletion will be permitted by the credential vault for this account domain.

If it's not possible to successfully checkin the password, it may be possible for the failing request to be manually removed from the db.
Please contact Support by creating a Service Request using the Customer Center for further help addressing this issue.
For more details, please refer to the Technical Support Handbook.

Cause

An account domain is not able to be deleted when there is an actively checked out credential.