ACS error - External DB account Restriction ..

Similar Messages

• EAP Authentication Failing (External DB account restriction)

  Hi,
  I am using ACS 3.0 as my Access Server configured for LEAP authentication,Everything was working fine till 2 days back, All my wireless clients ver getting authenticated,
  But suddenly they have stopped doing so, On checking the logs it says "External DB account restriction"
  I am using Windows Group Mapping, Dont know why suddenly it has started behaving like this, Have made no changes on the user profiles/permissions from either ACS or windows servers.
  Any clue...suggestions..
  Thanks
  Maneesh

  I'm having the same problem and it is quite frustrating... It should not be this difficult.
  I've tried both IAS and ACS and I can not get either one of them to work. I'm sure it has something to do with certificates... I just don't know what I'm doing wrong, but I'm going to beat the stuffing out my server if I see "External DB account Restriction" one more time!
  currently i'm trying to get ACS 3.2.1(trial) on Win2k SP3 to work and time and time again no matter how I try to install the certificate I create (following instructions in chapter 10 of the User Guide) I keep getting that infernal error. If someone out there could post SPECIFIC instructions about how they got their installation to work it would be GREATLY appreciated.
  Ben

• External DB account Restriction

  Hi
  I am receiving "External DB account Restriction" Error message for ADS users after upgrading from 2000 to Windows 2003.
  I dont see any error for local ACS users and local windows database users.
  Any idea
  Thanks

  Meaning of the error message
  External DB account restriction : The Windows User Account is restricted : The windows administrator must reset this option.
  ACS troubleshooting guide
  http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.1.3/troubleshooting/guide/ecodes.html
  When you try to authenticate via ACS and see failed authentication on the ACS,could you please take a look on the group you are dropped in.
  This can occur either due to permission issues or if your user is being mapped to DISABLED or NO-ACCESS group on the ACS.
  Once you have the group which the failed user belongs to, go to that group and click on edit group. It shouldn't ne disabled or noaccess group (Group 0 is what we called noaccess group).
  If you're getting mapped to correct map then this is surely windows permission issue. You have to ensure that ACS software running on windows machine should have domain admin rights.
  There are some permissions those need to be granted on the windows machine it is installed.You may check from below listed link
  1.Acs is installed on the member server or DC and permissions are configured as per the following doc:
  http://www.cisco.com/univercd/cc/td/doc/product/access/acs_soft/csacs4nt/acs33/install/inst02.htm#wp981552
  If you're running ACS on member server do make sure that you have completed post installation task for local security policy.
  http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/3.3/installation/guide/windows/install.html#wp981858
  HTH
  Rgds,
  Jatin
  Do rate helpful posts~

• Error : External Content Type Failed to SAVE

  Hello All,
  Im trying get connect the sqlserver tablt to Sharepoint List using BCS services + Sharepoint Designer.
  i have created the external content type using SPD, creating all permission to table, operation properties, parameter, filter parameter every thing is fine.
  then here i have to SAVE the external content type, im getting error: External Content Type Failed to SAVE
  detailed Error:
  An unexcepted internal error occured in the Business Data Connectivity Sahred Service: Access to the temp directory is denied. identity 'NTAUTHORITY\NETWORK SERVICE' under which xmlserializer is running does not have sufficient permissions to access the
  temp directory. CodeDom will use the user account to process is using to do the compilation, so if the user doesnot have access to system temp directory, you will not to be able to compile. Use Path.GetTempPath() API to find out the temp directory location
  Before this i created sample external content type which is working correctly. Any suggestion regarding this..
  Advance thanks..
  NS

  Hi,
  I understand that when you save the external content type, there is an error.I have seen similar errors, you can try the steps below:
  Open C::\Windows\Temp.
  Right click on Temp folder and choose Properties>Security.
  Add the Network Service with Full Control permisison.
  Thanks,
  Entan Ming
  Entan Ming
  TechNet Community Support

• ACS error, AAA Server is a referenced in the Proxy Distribution Table

  When installing the ACS appliance (4.1) I have an issue where during the setup it prompts for a static address, Gateway, and DNS. This fine and network connectivity is tested during this time and success.
  The issue seems to be fine but that when logging in to the GUI under Network Configuration>AAA servers.
  AAA server AAA server IP address AAA server type
  self 10.10.10.1 CiscoSecure ACS
  ciscoacs 169.254.25.58 CiscoSecure ACS
  Under Network Configuration>Proxy Distribution Table
  Character String AAA Servers Strip Account
  Default ciscoacs no Local
  The 2 questions I have how to stop the 169.x.x.x address or why this is being put into the configuration, and how to delete as the following error is obsvered when trying.
  ACS error when trying to delete..
  “Can not Delete AAA Server, AAA Server is a referenced in the Proxy Distribution Table”
  Many Thanks MJ

  Go to,
  Network configuration > Proxy Distribution Table > (Default).
  swap the entry in this section under tables AAA Server and Forward to > Submit + Restart.
  Then try to delete 169.x.x.x entry.
  Regards,
  Prem

• External DB Account Restriciton

  I have a problem that is starting to drive me crazy!!
  I have an ACS server ver 3.3 on windows 2003. This authenticates users through our AD domain. I have other AD domains configured and everything is fine.
  I have recently had to add a new domain to the list. Initially I had no problems however since the weekend all users are getting the following message, External DB Account Restriciton. So far I have not found anything useful on google etc.
  What does the message really mean?
  What is the fix? They swear to me nothing has changed...........
  Thanks
  Simon

  Hi Simon,
  I too had this issue awhile back and after some research we found everyone seems to have their own fix and special juju. =)
  In our environment we resolved the issue by adding the appropriate DNS suffix's to the ACS server's DNS suffix search order.

• Error : Excise modvat accounts not defined for GRPO transaction and U1 exci

  I have Created Impot PO, After Planned Delivery cost MIRO I am trying to Perform GR then its giving Error "Excise modvat accounts not defined for GRPO transaction and U1 excise group
  Message no. 8I402"
        I have already maintained GL account in "Specify G/L Accounts per Excise Transaction" for Excise group U1
        This problem is coming when Additional Duty on custom condition type JADC is maintained in "Maintain Excise Defaults" node in the column "ADC Cond" . If I remove JADC condition type from this place the this error is not coming but AED column is not fetching any value while doing GR.
  Please help me in this issue , still No answer
  Edited by: shiwanshu singh on Jan 28, 2009 10:26 AM

  Dear sir
  For GRPO have you maintained sub transaction Type IP for your excise group U1. If you not maintained pl maintain . and assign G/L account to modvat clearing account , the G/l account should be same as company code CVD account.
  Regards
  jrp

• Error while changing Account Group for Prospective Customer

  Dear All,
  I am getting an error when the account group of a prospective customer needs to be changed to Sold to Party
  The planned change is not allowed as the following groups would be masked by the new account group,
  S      Group                    Group Name             M                 Group Name
  V       D315                    Shipping                   030              Rail Specifications.
  Please let me know what is the reason for this error and as per my knowledge even if the no range is different for both these partner functions the system should allow me to change the account group however the earlier no given to prospective customer will still exist even if the prospective customer number is changed to sold to party please let me know otherwise.
  Kind Regards
  Atul

  Hi,
  Go to KOH2
  Select the order by pressing F9. Now place the cursor where you want to put the order group. i.e on same level or Lower level.
  Regards,
  Jigar

• Error - No GL account selected for Asset account in Business partner master

  Hi Experts,
  Scenario - While adding A/P Invoice for Asset item, the error "Error - No GL account selected for Asset account in Business partner master Message (3518-13)
  Awaiting your replies
  Regards,
  Sid

  Hi,
  You need to map the control account of that vendor(business partner).
  ->Open the respective Business Partner master data
  ->Under accounting tab
  ->Under General tab
  ->Control accounts (will be indicated with ... button),on opening this
  ->You will be prompted to map the control accounts
                                           ^ Down Payment Payables
                                           ^Assets Account
                                           ^Open Debts
  Here you need to map the Asset account which also must be a control account(control account option should be checked in the chart of accounts).
  Pls do check in the test system,understand the behavior of this account by booking ap invoice and payment,then proceed in the live system.
  Hope this is helpful

• Error in Posting Accounting Document from invoice

  Hi,
  When i create invoice, the system gives error while creating accounting document as,
  "Tax code Y1 does not appear in any G/L account item".
  In my pricing procedure. i have two tax condition types. MWST and ZSED (copy of mwst). when i delete ZSED from my pricing procedure and then i create a sales order/delivery & finally invoice...then it works fine (Accuonting document is created successfully).
  i have assigned the gl accounts in vkoa. and MWST & ZSED goes to same gl account via MWS accounting key.
  although i have searched the forum for this issue, but that didnt resolved my issue.
  seeking your guidance.

  Dear Robert,
  I'm having same issue as yours.
  The requirement for us is if return sales in some order reason codes, then tax should be posted to different G/L other than the G/L defined in OB40(transaction MWS).
  After several test, found the system only recognize the G/L in OB40, won't touch setting in VKOA. As if I delete the GL in table T030R, SAP will issue an error requesting GL assignment.
  Please let me know if you have solved your issue! If yes, please share your solution! 
  Thanks in advance!

• Error 'Enter GL Account' while posting and invoice line item in MIRO

  Hello Gurus,
  I am facing a rather wierd issue.
  While posting a PO invoice in Tcode MIRO, its asking to enter the GL account in line items. Everytime I am entering the GL account and pressing the enter key, it wipes off the GL account clean and gives the same error 'Enter GL account'.
  It seems like this error is happening at the very first line item of the invoice. System is able to accept the GL account in 2,3,4th lines. If I delete the first line item, whatever is the first line item in that screen adapts the issue.
  Any help would be great as I have no clue what to do.
  Thanks

  Hello Priyadarshini,
  could you inform the error message number and it complete long text?
  Regards,
  Mateus Grings

• Error - G/L account 407350 requires a valid tax codeu201D.

  I am getting error "G/L account 407350 requires a valid tax codeu201D, while executing F-28 transaction.
  IF there are any User-exit available to resole this issue ?

  Rather than the use-exit, I suggest you to discuss this with configuration consultant who can make some change on the configuration and eliminate the error.
  >
  batramanish wrote:
  > I am getting error "G/L account 407350 requires a valid tax codeu201D, while executing F-28 transaction.
  > IF there are any User-exit available to resole this issue ?

• Error:G/L account missing when saving Sales order

  Hi Guys,
  I will appreciate your input on this.
  Whenever I try to save a Standard order for a particular material I get the error"G/L account missing. I have checked all the Account assigment settings and they are correct.
  I faced this issue while creating an order for downpayments.This error occurs when we use the material of the kind "make to order".
  Regards

  Hi Pvarinder,
  First please check the customer account assignment group at your sales order header level and material account assignment group at your item level.
  If they are ok then go to Environment->Analysis->Account determination
  As you said the entries are ok in VKOA, so my guess is I think you have some condition type which is not getting the right G/L account.
  Please check and revert with your findings.
  Regards,
  MT

• Error G/L Account is not defined in Chart of Account INT

  Hi,
  I have create a company code by doing copy of SG01 in transaction EC01.
  I have also create a vendor under the newly created company code. When i try to do a testing in FB60 transaction it prompt me an error : G/L Account is not defined in Chart of Account INT.
  Did i miss out anything? How to resolve this issue?
  Best Regards,
  Rayden

  Hi Supriya,
  I have check the T-Code FSP0. It display as follow. it seem that the Chart of Account INT is there.
  [FSP0 Screenshot|http://i154.photobucket.com/albums/s248/evil_lord81/Untitled-1.jpg]
  Regards,
  Rayden
  Edited by: Rayden on Feb 25, 2008 3:05 PM
  Edited by: Rayden on Feb 25, 2008 3:06 PM

• Workflow Error Message: System Account - The Workflow could not set Content Approval Status

  This is the first time I try an approval workflow. I am using a template in MS Word and assigned an approval workflow to it. The approval workflow is only going to one person in this case.
  When I start the work flow the following 3 error messages show up:
  Workflow Error Message: System Account - The Workflow could not set Content Approval Status. Enable content moderation for this list and run the workflow again.
  Workflow Error Message: System Account - The e-mail message cannot be sent. Make sure the e-mail has a valid recipient.
  Workflow Error Message: System Account - The e-mail message cannot be sent. Make sure the outgoing e-mail settings for the server are configured correctly.
  Thank you for your kind guidance.

  Hi,
  For the first error: Did you set Content Approval in the workflow?  If so, see if you have it in the versioning settings of the list settings.
  For the second error: double check your recipient is set up as being valid.  Did you type in the email address or is it referring to a people picker field?  also, make sure that in the workflow for the email that you actually populated it in the
  To: field.
  for the third error: I suspect that either your farm is not configured for email.  Or, this error is a knock on from the second error.  If you get the second error rectified it may clear this error.  If not then double check the email settings
  for your farm.
  Johnathan Lightfoot