Share via

Azure Hybrid Instance Metadata Service (himds) could not start.

Nhat Hoang 46 Reputation points
2021-08-11T19:39:37.91+00:00

Hi everyone,

I got the agent installed on a group of on-prem servers where the Log-on-as-a-service is set by a group policy. That made the Azure Arc agent could not start after restarting the servers (NT SERVICE\himds was removed from Log-on-as-a-service). I could not find that account in the group policy. Can anyone help me?

  1. How I can add that account to Log-on-as-a-service through the group policy?
  2. Is there a way to change the himds account by a domain account on that service? any affect to azure arc function if we can change it?

Thank you,

Azure Arc
Azure Arc
A Microsoft cloud service that enables deployment of Azure services across hybrid and multicloud environments.
337 questions
Accepted answer
  1. tbgangav-MSFT 10,386 Reputation points
    2021-08-12T17:36:34.24+00:00

    Hi @Nhat Hoang ,

    In your case IF it's like domain policy is there to overwrite the setting THEN it would require domain admin to fix the domain GPO.

    Also, one thing to check is, does the GPO not include NT SERVICE\ALL SERVICES for the log on as a service right!? That would be my default recommendation and the easiest approach.

    Also, we do not support running the Arc services as domain or local accounts. Upon an upgrade of the agent, it would likely revert back to using the virtual account.

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Maik 0 Reputation points
    2023-01-13T09:04:12.44+00:00

    Hello there

    Microsoft 365 Defender

    Change service account to avoid cached password in windows registry

    himds

    How to face this recommendation?

    Thanks

    Best regards
    Maik

    0 comments