Due to security concerns sometimes customers need to change Service Account / SQL Password in Vault. This needs specific steps in a replicated environment, which we will discuss in the article below.


Service Account

We distinguish here 2 things. SQL Replication and IIS Impersonation.

SQL Replication

You can quickly identify if the credentials no longer work based on the error message generated when creating a snapshot:

So first change the credentials via ADMS Console.
Workgroup / RMB / Replication Properties

This change will trigger a new Snapshot to be generated. After this snapshot has been generated the merge agent can connect again and will sync up and show “Waiting for 60 second(s) before polling further changes.”

Sometimes we do see that the credentials of the Publication are not correctly updated or were not correct. In that case, go manually into the SQL Server Management Studio on the Publisher / Replication / Local Publications / RMB on the affected Publication and select Properties.

Here select agent Security and re-add the user credentials.
Usually, this should not be necessary.

IIS Impersonation

This is pretty straightforward.
In ADMS Console / Tools / Administration / Advanced Settings / Settings.
Change the Password in Impersonation Account.

SQL SA Password

This is applicable for replicated and not replicated environments.
Close ADMS Console.
Go to SQL Server Management Studio / Security / Logins
RMB on the Service account used for Vault. (since Vault 2015 – you can install under a different SQL Account as well)

Afterwards, open the ADMS Console.
If you do not have a replicated Environment, RMB on Workgroups and enable.
This triggers ADMS Console to prompt you for SA Password.
Fill in the correct SA password and cancel the next dialogue and it is saved.

If you have a replicated environment, RMB on Workgroups and select Replication Properties.
It will open up the same dialogue as mentioned above.
Fill in the correct SA password and cancel the next dialogue.

VaultSys – ADMS – User Password

When Vault is installed, default passwords are provided for the VaultSys and ADMS_%SiteName% SQL Service accounts. The administrator can change these passwords to be more secure.

Important: The passwords for the SQL Service accounts must be changed through the ADMS Console. Changing the passwords with SQL Management Studio will cause ADMS Console to throw an error.

Change the Password for a SQL Service Account

  1. In the ADMS Console, select Tools > Administration.
  2. Select the Advanced Settings tab and click Change in the SQL User Account Passwords section next to the account for which you want to change the password.


  3. On the Change Password dialog, enter the existing password and new password.
  4. Click OK to save your changes.

Have any further questions about Vault? Don’t hesitate to contact our Technical Support Team by clicking here!