ACS 3.3 for windows - Win AD and eap-tls problem

Hi,
I have a problem with an ACS to authenticate users with certificate on MS AD.
Working things:
PEAP authentication with the MS AD;
EAP-TLS authentication with the local DB.
Not working things:
EAP-TLS authentication with MS AD.
Because I'm able to auth users with PEAP on MS AD, I guess my config on MS AD is correct.
Because I'm able to auth users with certif in EAP-TLS, I guess my certif config is correct.
So why is it not working with the combination of EAP-TLS and MS AD?
I receive the error 'External DB Account Restriction'
Thanks for your help.

Hi,
This is what is interesting,
AuthenProcessResponse: process response for 'phd' against Windows Database
Unknown User 'phd' was not authenticated
Done RQ1027, client 50, status -2125
The field that is being picked from the certificate has the value 'phd'; please check which field it is.
And was the logging at full? I think something is missing in the logs.
Let's do a sanity check and go through the following link again:
http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_configuration_example09186a008068d45a.shtml
Regards,
Prem
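
One way to carry out the check Prem suggests, as an added example that is not part of the original posts or of Cisco's documentation: list the user's client-authentication certificates, show which name field carries 'phd', and look that name up in Active Directory. It assumes the script runs as the affected user on a domain-joined Windows client; `$Expected` and the output property names are chosen here for illustration.

```powershell
# Added example. $Expected is the name from the log excerpt above; change as needed.
$Expected = 'phd'
if ($Expected -notmatch '^[\w.\-]+$') { throw "Unexpected characters in '$Expected'" }

$nameType   = [System.Security.Cryptography.X509Certificates.X509NameType]
$ekuType    = [System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension]
$clientAuth = '1.3.6.1.5.5.7.3.2'   # Client Authentication EKU

Get-ChildItem Cert:\CurrentUser\My | Where-Object {
    # Keep certificates usable for client authentication (no EKU means "any purpose").
    $eku = $_.Extensions | Where-Object { $_ -is $ekuType }
    -not $eku -or ($eku.EnhancedKeyUsages | Where-Object { $_.Value -eq $clientAuth })
} | ForEach-Object {
    $cn      = $_.GetNameInfo($nameType::SimpleName, $false)  # normally the subject CN
    $upn     = $_.GetNameInfo($nameType::UpnName, $false)     # UPN from the SAN, if any
    $upnUser = if ($upn) { ($upn -split '@')[0] } else { '' }
    $san     = $_.Extensions['2.5.29.17']                     # subjectAltName extension
    $matched = @(
        if ($cn -eq $Expected)      { 'Subject CN' }
        if ($upn -eq $Expected)     { 'SAN UPN' }
        if ($upnUser -eq $Expected) { 'SAN UPN (part before @)' }
    ) -join ', '
    [pscustomobject]@{
        Thumbprint  = $_.Thumbprint
        SubjectCN   = $cn
        SanUpn      = $upn
        SanRaw      = if ($san) { $san.Format($false) } else { '' }
        Expired     = $_.NotAfter -lt (Get-Date)
        MatchesName = if ($matched) { $matched } else { 'none' }
    }
} | Format-List

# Look the same name up in the domain this machine is joined to.
try {
    $hit = ([adsisearcher]"(&(objectCategory=person)(sAMAccountName=$Expected))").FindOne()
    if ($hit) {
        "AD account found: $($hit.Properties['distinguishedname'][0])"
        "AD userPrincipalName: $($hit.Properties['userprincipalname'] -join '')"
    } else {
        "No AD account with sAMAccountName '$Expected'"
    }
} catch {
    "AD lookup failed (is this machine domain-joined?): $($_.Exception.Message)"
}
```

A certificate whose `MatchesName` is `none`, or a name that has no AD account, points to a mismatch between the certificate identity and the Windows account being looked up.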

Similar Messages

  • CA and Certificate Issue in ACS 4.0 For Windows 2003 Enterprise Server

    Hi,
    I have configured Microsoft CA server on the same ACS 4.0 for Windows 2003 enterprise server which was configured earlier using the self generated certificates for EAP and PEAP authentications.
    After I changed the certificate from the self-generated one to the new CA certificate, it can be viewed under the Install ACS Certificate option on the ACS server, but I am having the following problems:
    1. SSL is not functioning for internet browser access to the ACS server; it goes through http instead of https.
    2. Wireless clients are authenticated successfully even after the certificate is uninstalled.
    Any help on these problems will be appreciated.
    Thanks
    Best Regards,
    Ahmed

    Hi Rohit,
    Thanks for reminding the HTTPS option under Administration Control on ACS.
    I have some doubts pertaining to the installation of certificates on wireless clients. It is optional for self-generated certificates, but what about in the case of a Microsoft CA? I tested wireless client authentications even after removing the certificate from the Microsoft supplicant on Windows XP SP2 with the patch KB885453 for PEAP installed. How does the certificate on the wireless client work?
    Is it mandatory or optional to keep the certificate on wireless clients, as they were able to get authenticated through ACS after removing the certificate?
    Thanks
    Best Regards,
    Ahmed

  • ACS 3.2 for Windows and MS Windows AD Directory Integration Problem

    Dear all,
    We have some issues while integrating Windows AD with ACS 3.2 for Windows. Currently we have done the following:
    1. Installed ACS 3.2 for Windows on Windows 2003 Enterprise with SP1
    2. ACS and Domain Controller are configured on the same server
    Checked and verified the following configurations
    1. created a domain user "csacs" selected Act as a part of operating system and log on as a service enabled for this user.
    2. Enabled all the CS services to log on as a user csacs.
    But I noticed the CS services are not responding and give the error "Could not able to start the service with service specific error ..." while trying to start the services manually on ACS.
    Kindly help me through this integration part
    An easy and handy Step wise procedure on configuring integration of AD with ACS 3.2 on both Domain Controller and on Member server will be of great help.
    Thanks
    Kind Regards,
    Ahmed

    I have no issues running Cisco ACS version 3.2 on Windows
    Server 2003 with SP2:
    1) create user test1 in MS Active Directory and put test1
    in users group with dial-in access granted,
    3) Create a group called "LDAP". Actually I renamed
    group name "group 1" to "LDAP".
    3) in ACS external user database configuration, I specified
    domain "CCIE" as for this. Unknown user policy is to use
    Windows Database configuration,
    4) Configure the database configuration in ACS to point
    to "CCIE" windows domain,
    5) setup the ACS to authenticate one of your Cisco devices
    and log in using the MS windows account,
    By the way, mgurwara, you are wrong. I run Cisco
    ACS 3.2 on windows 2003 Enterprise Edition with Service
    Pack 2. I am running it on a Dell Optiplex Gx240
    (1.7 GHz with 512MB of RAM) and it is running fine.
    I use it to manage about 20 cisco devices and
    about 200 Wireless LEAP user(s). Furthermore, I am also
    running ACS 4.1 on another identical hardware. It has
    nothing to do with the hardware. I don't know where
    you get that information from.

  • CiscoSecure ACS v2.4 for Windows NT Upgrade

    We still have two ancient instances of CiscoSecure ACS v2.4 for Windows NT running on our network. ACS1 (primary) and ACS2 (secondary). I would like to upgrade these, not only because of how old they are but because of an issue trying to replicate the user and group database from ACS1 to ACS2. When trying to replicate the user and group database the logs say it's successful but the databases don't match. ACS2 is missing some of the users that are in ACS1. I have successfully replicated the interface database. But for whatever reason, the user and group database will not replicate.
    First, is there any other way I can get the user and group database copied from ACS1 to ACS2? Other than using the built in database replication tool?
    Second, is there any way I can get these upgraded? I read that the recommended upgrade path is 2.4->2.6->3.0->3.2. But Cisco no longer has version 2.6 available for download. I really would like to upgrade rather than starting from scratch.
    Thanks!

    ACS 2.4 - wow! That hasn't been sold for over 11 years. (reference)
    Think about it - would you want to try to upgrade Windows 98 to Windows 7? That's about an equivalent span of software product timeline.
    The current product is so different that even if you could upgrade it would not be advisable to do so. While painful, it would be much better option to make a clean break with the old and move onto a current platform (e.g ACS 5.3).

  • Advice for Buying Cisco Secure ACS 3.3 for Windows

    Just need advice on what other things I NEED to order apart from the Windows server when I want to implement ACS and I want to use CISCO SECURE ACS 3.3 FOR WINDOWS
    Hope someone will help

    Hi,
    This is all what you require:
    Supported Operating System
    Cisco Secure ACS for Windows Servers 3.3 supports the Windows operating systems listed below. Both the operating system and the service pack must be English-language versions.
    •Windows 2000 Server, with Service Pack 4 installed
    •Windows 2000 Advanced Server, with the following conditions:
    –with Service Pack 4 installed
    –without features specific to Windows 2000 Advanced Server enabled
    •Windows Server 2003, Enterprise Edition
    •Windows Server 2003, Standard Edition
    Note The following restrictions apply to support for Microsoft Windows operating systems:
    •We have not tested and cannot support the multi-processor feature of any supported operating system.
    •We cannot support Microsoft clustering service on any supported operating system.
    •Windows 2000 Datacenter Server is not a supported operating system.
    Please refer to the following link for more information:
    http://www.cisco.com/univercd/cc/td/doc/product/access/acs_soft/csacs4nt/acs33/win33sdt.htm
    Thanx & Regards

  • ACS 4.2 For Windows DB Replication

    Hi Folks.
    I have a pair of ACS for Windows 4.2 and we also have a few mappings (ACS Group --> AD Group)
    The replication process was configured and it replicates all the settings but the Group Mappings.
    Is this the way it's supposed to be or it should replicate the group mappings as well?
    Best regards,
    AL

    The following items cannot be replicated:
    •IP pool definitions (for more information, see About IP Pools Server).
    •ACS certificate and private key files.
    •Unknown user group mapping configuration.
    •Dynamically-mapped users.
    •Settings on the ACS Service Management page in the System Configuration section.
    •RDBMS Synchronization settings.
    User guide
    http://www.ciscosystems.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.2/user/guide/SCAdv.html#wp756078
    Regards,
    Jatin
    Do rate helpful posts-

  • Cisco Secure ACS 4.2 for Windows web-based Admin Console log in problems

    To Whomever Can Assist,
    I am running two deployments of Cisco Secure ACS for Windows 4.2 and I can log in to the admin web-console just fine. However, when I create a new or test user that mirrors my configuration, that user cannot log in to the admin web-console. The user can log in to devices with the appropriate privileges, but can't administer his/her account within ACS. This has proven very problematic and needs a remedy. Thanks for the assistance.

    Bradbryant.dhs,
    Where are you creating the new admin user who should have access to the ACS web GUI: under internal users or administration?
    Internal user and ACS administrator accounts are completely different. 
    Adding administrator account
    http://www.cisco.com/c/en/us/td/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4-2/user/guide/ACS4_2UG/Admin.html
    Regards,
    Jatin Katyal
    ** Do rate helpful posts **

  • Jabber for Windows 9.1 and WebEx Voicemail Tab

    Guys
    We are using both Jabber for Windows (9.1) and WebEx Connect clients. Both connect to WebEx cloud services. When we use WebEx Connect we have all features including voicemail, but when we use Jabber for Windows there isn't any voicemail option present at all.
    Both are doing phone integration and everything else is working fine.
    Now when we do the same for our Android tablets we have the option for voicemail.
    I understand that there are several feature differences, but based on the searches I've been doing, voicemail should be present and I haven't actually seen anyone having this problem. Note, this is using WebEx, not CUPS.
    I know I'm probably missing something completely here.
    thanks again

    Do these users all have a conferencing profile assigned to them in CUCM (9.0) or CUPS (8.x)?
    Regards,
    Erik
    Sent from Cisco Technical Support iPad App

  • Cisco Jabber for Windows in Extend and Connect mode and making outbound calls

    Hi guys,
    I've set up Cisco Jabber for Windows to use Extend and Connect to control a remote PBX endpoint. I've configured the required CTI-RD device, remote destinations, associated the users to the line and added the devices to end-user controlled device. The extend and connect part is working flawlessly without any issues. I'm able to receive inbound calls on the remote PBX endpoint and control the call (hold, resume, transfer etc.) using the Jabber call window that pops up.
    However, I'm unable to make any outbound calls via the Jabber client when in extend and Connect mode. Reading the Extend and Connect guide, I need to configure Dial Via Office (DVO) Reverse. So when the user initiates a Dial-Via-Office reverse call, CUCM calls and connect to the Extend and Connect device (CTI-RD). CUCM then calls and connects to the number the user dialled and finally connects the two call legs.
    After attempting to configure DVO-R for Jabber for Windows in Extend and Connect mode following the CUCM feature services guide, I'm unable to get any outbound calls working. From RTMT, I am receiving the following Termination Cause Code: (27) Destination out of order. What I also notice is that there is no calling number for that trace either. I would've thought that the calling party would've been the Enterprise Feature Access (EFA) number.
    Has anyone got this working or can provide some guidance?
    Thanks.

  • I tried to install iTunes 10.6.1 for Windows (64 bit) and it says "A required iTunes component is not installed. Please repair or reinstall iTunes. (-42404)". I have tried uninstalling everything and reinstalling and it still does not work.

    I tried to install iTunes 10.6.1 for Windows (64 bit) and it says "A required iTunes component is not installed. Please repair or reinstall iTunes. (-42404)". I have tried uninstalling everything and reinstalling and it still does not work. I then restored my computer to a week ago and tried to download and install the update and this came up again.

    Check out this thread:
    https://discussions.apple.com/thread/3677426?start=0&tstart=0

  • HP laserjet 1200 series pcl5 driver for windows 7 64bit and windows 8.1 64bit

    Dear
    I need
    HP laserjet 1200 series pcl5 driver for windows 7 64bit and windows 8.1 64bit
    can anyone provide me ? no links to read text, direct solution is welcomed
    thanks in all

    Hi.
    You may download the Universal Print Driver PCL5 below, it is compatible with both Windows 7 or 8 64-bit.
    For USB select Plug n Play, for network select Traditional Mode and follow the steps by setting a TCP/IP Port with the IP Address of the printer:
    http://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/psi/swdDetails/?sp4ts.oid=29790&spf_...
    Please let me know of any issues.
    Shlomi
    Say thanks by clicking the Kudos thumb up in the post.
    If my post resolve your problem please mark it as an Accepted Solution

  • SCM update for Windows 8.1 and Windows 2012 R2

    Hi,
    When are we likely to get an update to SCM for Windows 8.1 and Windows 2012 R2?

    Hi
    You must add these lines in ZTIGpoPack.wsf (for MDT) and LocalGPO.wsf (for LocalGPO), and for MDT 2013, copy ZTIGpopack to DeploymentShare\Scripts:
    ' Version 6.3 is Windows 8.1 / Windows Server 2012 R2; choose the GPO pack by OS type
    sOSVersion = oEnvironment.Item("OSCurrentVersion")
    If (Left(sOSVersion,3) = "6.3") and oEnvironment.Item("IsServerOS") then
        sOS = "WS2012R2"
        oLogging.CreateEntry "Using Windows Server 2012 R2 GPO Pack", LogTypeInfo
    ElseIf (Left(sOSVersion,3) = "6.3") and Not(oEnvironment.Item("IsServerOS")) then
        sOS = "Win81"
        oLogging.CreateEntry "Using Windows 8.1 GPO Pack", LogTypeInfo
    Regards

    Thanks for this, but you also need to update the GPOPack.wsf in (each relevant) template folder of the Deployment Share like this:
    ' strProductType "1" is a workstation; any other value is a server
    If(Left(strOpVer,3) = "6.3") and (strProductType <> "1") then
        strOS = "WS12R2"
    ElseIf(Left(strOpVer,3) = "6.3") and (strProductType = "1") then
        strOS = "Win81"
    ElseIf(Left(strOpVer,3) = "6.2") and (strProductType <> "1") then
        strOS = "WS12"
    ElseIf(Left(strOpVer,3) = "6.2") and (strProductType = "1") then
        strOS = "Win8"
    As ZTIApplyGPOPack calls GPOPack.wsf.
    (Which is what I think Scorpio92 probably meant when you said to edit LocalGPO.wsf...)

  • iTunes 11.0.4 for Windows keeps restarting and removing my set-up and preferences

    iTunes 11.0.4 for Windows keeps restarting and removing my set-up and preferences every time its shut down and re-opened, how can I stop this?
    All of the music (etc) is still there but I need to agree to the terms and condition of the 'Software License Agreement for iTunes for Windows' every time I open iTunes.
    Once opened there is no personal set-up, such as side menus and how the lists are set up (e.g. showing album images, music listed in 'most played' order, etc.). I know how to re-do all of my settings, it's just getting very annoying now.
    Anyone know how to stop this or at least why it is doing it?

    I found why it defaults back to the wizard. I noticed the C:/users/(User)/AppData/Roaming/Apple Computer/iTunes/iTunesPerfs.xml file is deleted from this directory upon exiting iTunes. When I manually restore this file iTunes starts with my correct settings. Why the .xml file is being deleted I don't know. iTunes is deleting the file when you exit so I guess there is just a bug.

  • I bought Quicktime 7 Pro for Windows 7 Pro and it did not electronically download or I can't find it anywhere on my computer.  Need help.

    I bought Quicktime 7 Pro for Windows 7 Pro and it did not electronically download or I can't find it anywhere on my computer. Need help.

    Apple - QuickTime - Download
    Download and install the free version and apply your key to unlock the Pro features.

  • Known Issues for Windows 10 SDK and Tools

    Please read about Known Issues for Windows 10 developers in the Known Issues for Windows 10 SDK and Tools forum

    To fix this issue, your computer must be connected to the internet to download these components.
    Make sure your computer is connected to the internet.
    Open Control Panel, and select Programs and Features.
    Select Microsoft Visual Studio 2015 RC, click Change, and then click Modify.
    Select the feature “Universal Windows App Development Tools”, and click Update.
