Global Directory fail, Callmanager 4
Revently had a need to log into CAR. ADmin password not know (and not default). In order to reset it I needed to log into the DC Directory tool. The Directory Manager password was also not know or default. Followed instructions to reset this via the windows registry.
The password reset seems to have failed. I still cannot log into DC Directory. And now I can not access Global Directory or create a new user in the web interface either.
Any advice?
Hai,
As you know the GLOBAL directory is used to store WF logs and client logs.
There is no specific time limits which SAP has defined to keep them in the directory, but it depends upon company to company.
U can delete the old logs such as 6 months or 1 year old, but try to keep the recent logs if possible.
Because they might be needed to do some analysis in case of some problems.
Regards,
Yoganand.V
Similar Messages
-
Hi,
I am wondering if would it be possible to create multiple directories listings for a multi tenant setup in a CallManager environment. 2 things I have in concern:
1. How do we send the right directory listings to the right phones. For eg, tenant A could only view their corporate directory - and they are not able to view tenant B's directory.
2. And how do I partition CCM's global directory to function like the above mentioned.I couldnt figure out how to lock this down, so I went with a third party app. Well, now that I think about it, you could probably use an SDK server and point to different LDAP directories. (lots of work)
I used the Citrix Application Gateway. It's expensive, but the Express Directory is the best I have seen. It's easy, it can import custom LDAP txt files and then cache them in it's storage for the phones to access to them. -
Upload file to global directory in Dev, Q&A and Prod!
I have an upload application in BSP, that uploads files to for example /usr/sap/BWD/files
this works in Development, but of course this directory is not available in Production, so BSP won't work there.
Isn't it possible to use one global directory?
Right now somebody created for us a directory, that's the same on all 3 systems (Dev, Q, and Production)
this dir is
on Development: DIR_TRANS /usr/sap/transBW
on Quality: DIR_TRANS /usr/sap/transBW
on Production: DIR_TRANS /usr/sap/trans
notice the small difference in path in Production... Is there a way to use the DIR_TRANS instead of the real path?
my application writes data like this:
fname = '/usr/sap/CBD/files/FILE.CSV'.
OPEN DATASET fname FOR OUTPUT in TEXT MODE encoding default.
if sy-subrc gt 0.
WRITE: / 'Error opening file'.
endif.
LOOP AT data_TAB INTO LIN.
TRANSFER LIN TO FNAME.
ENDLOOP.
CLOSE DATASET FNAME.
thanks a lot, points will be rewarded for usefull answers!
thanks!use transaction FILE to create logical path for the actual file path.
and then use FM
call function 'FILE_GET_NAME'
exporting
client = sy-mandt
logical_filename = pil_file "Input logical file name
operating_system = sy-opsys
importing
file_name = p_i_file "Physical file name
exceptions
file_not_found = 1
others = 2.
Regards
Raja -
"24427 Access to Active Directory failed" error in ACS 5.1
Hello,
I'm working on implementing a RADIUS authentication for wireless access with the following :
- PCs running Windows 7, protocol used is PEAP (without validating the server certificate to make it simple at first),
- AP 1252 configured to use a RADIUS server to authenticate (it's working good with an ACS server 4.2),
- ACS Server 5.1.0.44.5 running as VM connected to an AD domain and working good with VPN connections,
- AD domain running on Windows 2003 Server.
My ACS VM is working good since a couple of months for VPN (RADIUS) and administration (TACACS) remote access, both using Active Directory. Now, I'd like to use it to authenticate people connecting to a 1252 Cisco access point but I'm getting this error "24427 Access to Active Directory failed". I switched from PEAP to LEAP but this is the same.
All I can get running the expert troubleshoot
Investigating failure code: 24427 Access to Active Directory failed
Checking if Active Directory is configured
Active Directory is configured
Attempting connection to Active Directory
Connection to Active Directory was successful.
Troubleshooting completed.
Click on Show Results Summary to view results.
I followed this guide, at least for the ACS certificate section :
http://www.cisco.com/en/US/products/ps10315/products_configuration_example09186a0080b4cdb9.shtml
Anyone has an idea where the problem may come from?
Thanks in advance,
Vincenthey there, I ran into the same issue with 5.3 and it turned out being this bug. i came across your post looking for instructions on retrieving the logs. thanks mate.
link
Problem: Error "24495 Active Directory servers are not available"
Authentication starts failing with this error: 24495 Active Directory servers are not available. in the ACS 5.3 logs.
Solution
Check the ACSADAgent.log file through the CLI of the ACS 5.x for messages such as:Mar 11 00:06:06 xlpacs01 adclient[30401]: INFO base.bind.healing Lost connection to xxxxxxxx. Running in disconnected mode: unlatch. If you see the Running in disconnected mode: unlatch error message, this means the ACS 5.3 cannot maintain a stable connection with Active Directory. The workaround is to either switch to LDAP or downgrade the ACS to 5.2 version. Refer to Cisco bug ID CSCtx71254 (registered customers only) for more information. -
Hello SAP Gurus,
when trying to install SAPNW2004sSneakPreviewABAP in phase 4 I get error:
ERROR 2006-08-08 08:52:40
CJS-30129 Creating node $(DIR_TRANS) with type DIRECTORY failed. Original exception text was: syslib.filesystem.nodeCreationFailed:
Unable to create node
pc05\sapmnt\ with type DIRECTORY: can't create parent node..
I searched SDN and found as possible error causes: lacking authorization of installation user or users nspadm and SAPServiceNSP, wrong JRE version, but those are not applicable.
Any other suggestions?
SimonHello Prince Jose,
thanks for the reply, it brought me to the solution: I had to de-activate the Windows Firewall and hat to check 'Network users are allowed to change files'.
I know made it till phase 17, quite a step.
Best,
Simon -
Hi,
I have a setup ISE 1.1.1. Users are getting authenticate against AD. Everything is working fine except some users report disconnection. I see in the ISE that (Authentication failed: 24415 User authentication against Active Directory failed since user's account is locked out). Users are using Windows 7 OS.
Error is enclosed & here is the port configuration.
Port Configuration.
interface GigabitEthernet0/2
switchport access vlan 120
switchport mode access
switchport voice vlan 121
authentication event fail action next-method
authentication event server dead action reinitialize vlan 120
authentication event server alive action reinitialize
authentication host-mode multi-auth
authentication order mab dot1x
authentication priority dot1x mab
authentication port-control auto
authentication periodic
authentication timer reauthenticate server
mab
dot1x pae authenticator
dot1x timeout tx-period 60
spanning-tree portfast
ip dhcp snooping limit rate 30 interface GigabitEthernet0/2
switchport access vlan 120
switchport mode access
switchport voice vlan 121
authentication event fail action next-method
authentication event server dead action reinitialize vlan 120
authentication event server alive action reinitialize
authentication host-mode multi-auth
authentication order mab dot1x
authentication priority dot1x mab
authentication port-control auto
authentication periodic
authentication timer reauthenticate server
mab
dot1x pae authenticator
dot1x timeout tx-period 60
spanning-tree portfast
ip dhcp snooping limit rate 30
Please help.The error message means that Active Directory server Reject the authentication attempt
as for some reasons the user account got locked.I guess, You should ask your AD Team to check in the AD
Event Logs why did the user account got locked.
Under Even Viewers, You can find it out
Regards
Minakshi (Do rate the helpful posts) -
Hi,
Since we implemented Cisco ISE we receive the following failure on several Notebooks:
Authentication failed : 24408 User authentication against Active Directory failed since user has entered the wrong password
This happens 2 or 3 times per Day. So basically the authentications are working. But when the failure appears, the connection is lost for a short time.
The Clients are using PEAP(EAP-MSCHAPv2) for Authentication. We've got a Cisco Wireless Environment (WLC 5508).
Why is this happening?
Thanks,
MarcThe possible causes of this error message are:
1.] If the end user entered an incorrect username.
2.] The shared sceret between WLC and ISE is mismatched. With this we'll see continous failed authentication.
3.] As long as a PSN not receiving a response from the supplicant within this limit during an EAP conversation, it will throw this error code. In majority of cases it says eap session timed out.
In your cases, the 3rd option seems to be the most closest one.
Jatin Katyal
- Do rate helpful posts - -
Attempt to fetch cache data from Integration Directory failed
HI,
while checking cache connectivity testing: status is
green: Integration Repository
green: Integration Directory
green: Integration Server - JAVA
red:Adapter Engine af.axd.aipid
yello:Integration Server - ABAP
Jun 30, 2007 1:16:08 PM - Cache notification from Integration Directory received successfully
Attempt to fetch cache data from Integration Directory failed; cache could not be updated
[Fetch Data]: Unable to find an associated SLD element (source element: SAP_XIIntegrationServer, [CreationClassName, SAP_XIIntegrationServer, string, Name, is.00.aipid, string], target element type: SAP_BusinessSystem)
[Data Evaluation]: GlobalError
what to do?
and there is nothing under integration server and integration engine but there is an green status under Non-Central Adapter Engines > from this i am doing send messeage testing fro xi to bi ,
send message to: http://aibid:8000/sap/xi/engine?type=entry
payload:
<?xml version="1.0" encoding="utf-8"?>
<ns1:MI_VCNdatatoBI
xmlns:ns1="http://bi.sap.com"
xmlns:xsi="http://www.w3.org/2001/XMLSchemainstance">
<DATA>
<item>
</BIC/ZG_CWW010>1000<//BIC/ZG_CWW010>
</BIC/ZVKY_CHK>1<//BIC/ZVKY_CHK>
</item>
</DATA>
</ns1:MI_VCNdatatoBI>
i can sent message from there (component monitoring > Non-Central Adapter Engines) but unable to get it at message monitoring and at BI side.
dushyant.thanks,
but i have adepter type XI
and i am folowing step of this lonk and there is no need to create fild adepter type according to that and almost done but while sending message through config. monitor in RWB it goes but not coming in mess monitoring and at bi side
see 4.5 > 3 and 4 topic and 4.6 > 3,4,5
https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/f027dde5-e16e-2910-97a4-f231046429f2
now what to do?
dushyant, -
GRC CUP how to pull manager from Global directory or Active directory
Hi,
how can i pull manager from global directory or active directory as approver.We are designing dual control approval process.First manager from global directory can approve then role owner.In workflow stages i can only see approvers information has to be entered manaually in CAD.Also i am looking when requestor requesting request,it should automatically fetch manager information on the request page,once user id selected.
Thanks
MushuDear Mushu,
Two things you need to do
1.) Maintain the Manager's Field in Active Directory and do mapping in CUP>Configuration>Field Mapping-->LDAP Mapping
2.) Keep LDAP as authentication system so that whenever a User has to log into the CUP he will do using his network id and his manager is automatically pulled from Active Directory.
Then in the workflow you can keep the approver determinator as Manager by which the request will routed to the appropriate manager. Hope that helps.
Edited by: celestemay17 on Dec 8, 2010 12:05 PM -
In perfdatasource querying for global snapshot failed with error 'the size limit for this '
I received scom alerts from two win 2k8 r2 servers , hosting exchange 2010 mailbox roles , the alerts came almost in same time from both servers ,
can I ignore those alerts
or can someone give a me a clue how can I troubleshoot those alert , please any help would be appreciated
In PerfDataSource, querying for Global Snapshot failed with error 'The size limit for this '
from Ops-mgmt logs
Log Name: Operations Manager
Source: Health Service Modules
Date:
Event ID: 10104
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: server 1
Description:
In PerfDataSource, querying for Global Snapshot failed with error 'The size limit for this '
One or more workflows were affected by this.
Workflow name: Microsoft.Windows.Server.2008.OperatingSystem.PercentMemoryUsed.Collection
Instance name: Microsoft Windows Server 2008 R2 Enterprise
Log Name: Operations Manager
Source: Health Service Modules
Date:
Event ID: 10104
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: server 1
Description:
In PerfDataSource, querying for Global Snapshot failed with error 'The size limit for this '
One or more workflows were affected by this.
Workflow name: Microsoft.Windows.Server.2008.LogicalDisk.PercentIdle.Collection
Instance name: " edb file path "
Log Name: Operations Manager
Source: Health Service Modules
Date:
Event ID: 10104
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: server 2
Description:
In PerfDataSource, querying for Global Snapshot failed with error 'The size limit for this '
One or more workflows were affected by this.
Workflow name: Microsoft.Windows.Server.2008.NetworkAdapter.CurrentBandwidth.Collection
Log Name: Operations Manager
Source: Health Service Modules
Date:
Event ID: 10104
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: server 2
Description:
In PerfDataSource, querying for Global Snapshot failed with error 'The size limit for this '
One or more workflows were affected by this.
Workflow name: Microsoft.ForefrontProtection.FPE.Server.PerformanceCollection.RealtimeScanMessageRateHi Blake ,
Thanks for your reply , I appreciate your help ,
I didn't put the alert from scom console because they were same as the events ( same source )
Health Service Modules, I didn't want to spam
more :-)
also the two servers encountered the issue were mailbox servers and part of same DAG , it worth mention the alert were resolved
by Exchange 2010 Correlation Engine service
http://blogs.technet.com/b/kevinholman/archive/2010/10/15/clustering-the-exchange-2010-correlation-engine-service.aspx
http://support.microsoft.com/kb/2592561
also the Opsmgmt logs are full of waring and error event like 2023 , 21402 , 21403 , 1207 !!
Log Name: Operations Manager
Source: HealthService
Date:
Event ID: 2023
Task Category: Health Service
Level: Warning
Keywords: Classic
User: N/A
Computer: server 1
Description:
The health service has removed some items from the send queue for management group "SCOM" since it exceeded the maximum allowed size of 15 megabytes.
1- alert from console >>
In PerfDataSource, querying for Global Snapshot failed with error 'The size limit for this '
One or more workflows were affected by this.
Workflow name: Microsoft.Windows.Server.2008.OperatingSystem.PercentMemoryUsed.Collection
Instance name: Microsoft Windows Server 2008 R2 Enterprise
EventSourceName: Health Service Modules -
Unable to save Unified Messaging PIN: Access to Active Directory Failed
I'm trying to enable all of our users for Unified Messaging and I've created a powershell script for each of users I want to enable but I am getting an error message everytime I try and run it.
Unable to save Unified Messaging PIN for mailbox 'smtp address': Access to Active Directory Failed
Our setup is forest root domain and 2 child domains. Most of the users are in the child domains and the Exchange server is in the forest root domain.
I'm using -domaincontroller but this doesn't make a difference. Here is the script I am using:
Enable-UMMailbox -Identity [email protected] -UMMailboxPolicy "DefaultUM Default Policy" -Extensions 303 -PIN 1234 -SIPResourceIdentifier "[email protected]" -PINExpired $false -domaincontroller "rc-curdc-01.curriculum.riddlesdown.local"
Can someone point out why this isn't working?I had the same experience as Gueetar. Couldn't enable a UM mailbox, or change the PIN. Got a generic "Access to Active Directory Failed" message instead of anything useful. Even went so far as enabled a ton of diagnostic logging, which didn't report anything
useful.
Of course, all the accounts I was enabling had the HiddenFromAddressListsEnabled property set to $true (these were old deactivated accounts I was using to test with). I found that setting it back to $false corrected the issue.
Of course I didn't know it was that exact problem at the time. I only found a difference after disabling/re-connecting mailboxes (and of course newly created mailboxes exhibited no issues). Assuming this was going to be the case for all mailboxes this would
be fine for testing and proof of concept, bad for production/implementation. Instead I ran a bunch of scenarios over two days, culminating in a crap load of LDIFDEs and DSACL dumps to enumerate the object properties and compare the values that were different.
This property (HideFromALEnabled) and a few others stood out. Luckily it wasn't ACL-related - that would've been a complete head wreck!
Dear Microsoft: More descriptive errors next time, please :) -
[SOLVED] Change directory failed on login
Hi,
I've just made a fresh install following the Beginners Guide, and after rebooting into Arch everything is ok if I login as root, but attempting to login as any other user gives me an error like:
-- user: /home/user: change directory failed: Permission denied
output of ls -l /home/ gives:
drwx------ 2 user users 4096 Feb 17 06:30 user
Help!
Last edited by personator (2013-02-16 15:51:04)personator wrote:drwxr-xr-x 4 root root 4096 Feb 17 06:38 /home
Seems to be ok.
I can reproduce your error message when I do a chmod a-rwx /home/user but with 0700 as you wrote the login works.
Other wild guesses (with no profound knowledge from my side): Is the /home dir mounted from somewhere? Could it be some (misconfigured) security framework (selinux, AppArmor etc.) that blocks access to the home dir?
Last edited by demaio (2013-02-16 11:54:26) -
I would like to know if there is a way to incorporate the global directory in an Intranet that I'm creating?? I have a tab which would contain all the phone directory and in there I would like to incorporate some search fields to if possible.
So basically my question is this:
1- How do I incorporate the global phone directory in a tab of my Intranet. My Intranet accepts PHP and javascript.
ThanksYou can use PHP to query the directory using LDAP. Note that you'll be using a non-standard port to query the DC Directory. I know that only kicks you off on the process, but hopefully it will assist.
-
Dial Numbers from Global Directory on Cisco phone
Hi,
I want to dial numbers from the global directory on the 8961 phone. This worked a few days ago. Now it doesn´t anymore. Nothing has changed as far as i know.
I can see the contact after I searched it. I also the the number but when I press dial nothing happens.
Any tipps?
CUCM 9.1.2.10000-28Hi Frank.
Is your cucm synced with an external LDAP?
Do you have this issue with both internal and external numbers?
Let me know
Regards
Carlo -
Dialog Instance writing and reading from wrong global directory
Hi,
I have just completed a HA installation of ECC 6 on a Windows 2008 cluster. On node B we have the CI installed and on node A we have an additional DI installed. The installation drive for these local instances is the I drive in both cases. The ASCS instance is installed on the clustered N drive.
For some reason when a job runs on the Dialog Instance installed on node A it writes it log file to the I:\usr\sap\<SID>\SYS\global\100JOBLG directory rather that to the
<sap cluster hostname>\sapmnt\<SID>\SYS\global\100JOBLG directory (which would equate to N:\usr\sap\<SID>\SYS\global\100JOBLG). Similarly when I try a read a job log from the DI on node A it tries to read from I:\usr\sap\<SID>\SYS\global\100JOBLG and when it can find the log it gives an error.
If anybody has any ideas as to how I can reconfigure the instance to read and write to the correct directory that would be much appreciated.
Cheers,
Greg.Have you set a different SAPGLOBALHOST or DIR_GLOBAL in your instance profile?
Kind regards,
Mark
Maybe you are looking for
-
I updated my iphoto now it wont open....
i updated my iphoto scince then when i try and open it a tab pops up saying "You can't use this version of the application iphoto with this version of Mac OS X" it says i have the mac OS X 10.7.4 and the application requires 10.7.5 i updated my lapto
-
Can't print to my HP deskjet in Mavericks 10.9.5
My HP 1050 j410 printer is roughly 4 or maybe 5 years old. I haven't been able to print with my new iMac running Mavericks. I've tried installing the drivers from the HP site, but it appears that they only support 10.9. I'm on 10.9.5
-
How can we tell when the Aperture+TM bug is fixed?
I'm wondering how I will know when Apple has fixed the time machine bug with Aperture, here: http://support.apple.com/kb/TS1228
-
Ap_suppliers have wrong employee_id
Hi, ap_suppliers table is having the wrong (ex) employee id. This employee has two ids in HR (one is terminated) How can i correct this issue? Thanks Senthil
-
Move database files from one ASM diskgroup to another
We are working on 11.2.0.3 RAC environment. We have an activity in which we have to move ASM database files from one diskgroup to another. We have the sufficient downtime for the activity. On checking MOS it says copying datafiles from "rman copy" co