Tuesday 22 May 2012

SCCM - MP_GetAuth error 0x80040E4D after rebuilding secondary site

You may come across this error in the MP_GetAuth log after rebuilding the secondary site servers in your hierarchy. If the site uses the computer account for database access, that account gets a new SID in Active Directory when the server is rebuilt. The MSSQL login is linked to the account through this AD SID, which it uses for authentication.

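-- Remove the stale database user and server login for the computer account
USE SMS_001
DROP USER [DOM\DOMSCMSS001$]
GO

DROP LOGIN [DOM\DOMSCMSS001$]

-- Recreate the login from the Windows (AD) computer account
CREATE LOGIN [DOM\DOMSCMSS001$]
FROM WINDOWS
WITH
DEFAULT_LANGUAGE=[English];

-- Recreate the database user and add it back to the management point role
USE SMS_001
CREATE USER [DOM\DOMSCMSS001$] FOR LOGIN [DOM\DOMSCMSS001$];
GO
EXEC sp_addrolemember 'smsdbrole_MP',[DOM\DOMSCMSS001$]
GO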

If you check the SID on the db against the SID in AD (via adsiedit.msc), you will see that the SIDs will more than likely NOT match. If you run the above SQL query, changing it as required, it will first check the MSSQL cache, TokenAndPermUserStore. This is why the SIDs are mismatched: the query found the SID in the cache, NOT in AD. To resolve the mismatched SID you need to clear the TokenAndPermUserStore using DBCC. You can check the current cache size by running the following SQL query:

select name, count(*) from sys.dm_os_memory_cache_entries
      where name = 'TokenAndPermUserStore'
      group by name
      order by count(*) desc ;
GO

To clear the cache run the following sql query on the db:

DBCC FREESYSTEMCACHE ('TokenAndPermUserStore');

Then recreate the account on the db; everything should now be working fine.
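
To make the SID comparison described above concrete, the following added example (not part of the original post) decodes the binary SID that SQL Server stores for a login into the S-1-5-21-... string form used on the AD side and reports whether the two match. The function names and both sample SIDs are constructed for illustration; the hex value is assumed to come from the sid column of sys.server_principals.

```python
import struct

# Constructed sample values, not taken from a real environment.
# SQL side: e.g. SELECT sid FROM sys.server_principals WHERE name = 'DOM\DOMSCMSS001$'
STALE_SQL_SID = "0x01050000000000051500000011111111222222223333333351040000"
# AD side: objectSid of the rebuilt computer account, in string form.
AD_OBJECT_SID = "S-1-5-21-286331153-572662306-858993459-1622"


def sid_bytes_to_string(raw: bytes) -> str:
    """Decode a binary Windows SID into its S-<rev>-<authority>-<subs> form."""
    if len(raw) < 8:
        raise ValueError("SID is shorter than its 8-byte header")
    revision, sub_count = raw[0], raw[1]
    if revision != 1:
        raise ValueError(f"unsupported SID revision {revision}")
    if len(raw) != 8 + 4 * sub_count:
        raise ValueError("length does not match the sub-authority count")
    # Identifier authority is a 48-bit big-endian integer.
    authority = int.from_bytes(raw[2:8], "big")
    # Each sub-authority is a 32-bit little-endian unsigned integer.
    subs = struct.unpack(f"<{sub_count}I", raw[8:])
    return "-".join(["S", str(revision), str(authority), *map(str, subs)])


def sql_hex_to_sid(hex_literal: str) -> str:
    """Accept the 0x... varbinary text SQL Server prints for a sid column."""
    text = hex_literal.strip()
    if text.lower().startswith("0x"):
        text = text[2:]
    return sid_bytes_to_string(bytes.fromhex(text))


def sids_match(sql_hex: str, ad_sid: str) -> bool:
    """True when the login's stored SID equals the SID read from AD."""
    return sql_hex_to_sid(sql_hex).upper() == ad_sid.strip().upper()


if __name__ == "__main__":
    print("SQL login SID:", sql_hex_to_sid(STALE_SQL_SID))
    print("AD objectSid :", AD_OBJECT_SID)
    print("match        :", sids_match(STALE_SQL_SID, AD_OBJECT_SID))
```

With the sample values the final RID differs (1105 in SQL, 1622 in AD), which is the mismatch to look for after a rebuild.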

1 comment:

  1. Turns out this is still an issue in SCCM 2012. Rubbish!
