Hi @Navratil, Jan ,
AKS needs an identity to access other AD resources. For this, you have two options:
1- Managed Identity (newer and easier)
2- Service Principal (older)
From the question, I can see that you are using Service Principal for your AKS cluster. The first command you shared that is using
--reset-service-principal is the correct command that needs to be used to reset the credentials.
Now, going to the second command you shared which is using
--reset-aad. This command is using to configure user access to the AKS cluster itself (authenticating users when using kubectl for example). I should mention that this feature is deprecated and being remove soon, and it has been replaced by AKS-managed Azure Active Directory integration.
You mentioned that the cluster is still using the old secret. May I ask how you checked that?
Thank you !