ACS express v5.0.1 fail to join AD

hi,
i try to integrate my ADE 1010 appliances running on ACS express v5.0.1.1 to my DC running on window 2008 server enterprise edition SP2.
as i fill in the info at domain configuration and test the connection, it's succeed. but once try to save and join it's failed to join the domain.
log extract from acsxp_adagent :
PMOACS AD-SCRIPTS: INFO AD script executed from IP: 10.169.2.100 script: /cgi/adjoindomain.pl/cgi/adjoindomain.pl args: DM=jpmosp.xxx.yy&UN=administrator&CN=OU%3DACS&PDC=jpmosp.xxx.yy&PW=******
PMOACS AD-SCRIPTS: INFO AD join container used: OU=ACS
PMOACS AD-SCRIPTS: INFO AD join Preferred Domain Server used: jpmosp.xxx.yy
PMOACS AD-SCRIPTS: INFO AD join container used: OU=ACS
PMOACS AD-SCRIPTS: INFO AD join Preferred Domain Server used: jpmosp.xxx.yy
PMOACS AD-SCRIPTS: INFO AD join command used: /opt/CSCOacsxp/adagent/bin/adjoin -u "administrator" -p "******" -z NULL --noconf "jpmosp.xxx.yy" -s "jpmosp.xxx.yy"
PMOACS AD-SCRIPTS: CRITICAL Unknown status returned from adjoin
PMOACS AD-SCRIPTS: WARN --- BEGIN FILE LOG FOR /opt/CSCOacsxp/temp/adjoindata.8870 ---
PMOACS AD-SCRIPTS: WARN Cannot resolve computer name "pmoacs" in DNS or /etc/hosts
PMOACS AD-SCRIPTS: WARN Please edit /etc/hosts or your DNS server to set your hostname correctly
PMOACS AD-SCRIPTS: WARN or use --name option to override this check.
what i did on my window 2008 server:
1. log in as the administrator, create a container name "acs", and inside of it create a computer name as "pmoacs"
2. appliance clock is tally with AD-DC server, no time skew problem.
what i did on my Cisco ADE 1010:
1. initial setup only.
thank you
N

Hi,
This is the relevant error message:
"WARN Cannot resolve computer name "pmoacs" in DNS or /etc/hosts"
Please make sure you have the acs hostname configured on the DNS server.
The ACS must be able to resolve its own hostname, otherwise this will fail.
HTH,
Tiago
If  this helps you and/or answers your question please mark the question as  "answered" and/or rate it, so other users can easily find it.

Similar Messages

  • Join acs express to active directory domain

    i have a problem joining acs express active directory domain , both are reachable to each other in the same subnet & no firewalls between them , but when i test the connectivity it gives this error:
    " required service unavailable. DNS is setup correctly , and the domain controller is reachable , however , one of the required services, such as ldap,kerberos, or global catalog service is not available. This issue may arise if there is a firewall between AD domain controller, and the ACS Express appliance"

    It is sounds like a bug CSCsw29387 Join AD domain, with one DC down fails. If the ACS Express is trying to join an AD domain in a multi domain controller environment and one of the domain controllers is down, the ACS Express will fail to join the domain.

  • Joining ACS express to AD

    Hi all,
    I'm trying to join an ACS express (5.0) to AD. Communication between ACS and AD DCs is correct, but when trying to join the domain I get the following warning:
    1.  Saved settings, but error in joining domain. Error: Domain Controller not reachable by name. DNS is setup correctly, however the domain controller is not reachable via the name that is in DNS. This can be caused by the domain controller being unavailable. It may also be caused by the DNS domain name not matching between the AD domain controller and ACS Express appliance.
    I have verified that the domain controller is reachable by name, and actually in the logs I can see that at some point the ACS tries to create the computer name in the location specified:
    Sep 6 16:28:59 IRMXACSE adjoin[14632]: DEBUG base.bind.ldap xxxxxx.mx.hdi.com:389 fetch dn="<WKGUID=aa312825768811d1aded00c04fd8d5cd,DC=mx,DC=hdi,DC=com>" filter="(objectclass=*)"     (erased name)
    ACS tries to create a zone, but at some point the following error message appears:Sep 6 16:28:59 IRMXACSE adjoin[14632]: DEBUG base.osutil GSSKerberos::initSecurityContext - gss_init_sec_context failed (reference ../smb/utils/gsskerberos.cpp:177 rc: -1765328377)
    At that point, the binding fails and ACS fails to join the domain.
    Any help is highly appreciated,
    Thanks!!!

    That error resolves to KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN   (-1765328377L). Usually, this is due to either
    a missing Service Principal name for AD account or the SPN not being recognized by KDC.  Can you double-check
    that it's in a host/domain.name format?
    Also, what OS is on the DC you're using?  We've seen this error with 2008 DCs and Express 5.0, which was
    resolved by upgrading to 5.0.1.

  • ACS Express radius authentication AD authorization

    I work at a University and for some reason we have multiple systems for authentication and authorization.  That being said I am trying to use radius to do authentication and AD for authorization for VPNs.  I have the radius authentication working against our radius server.  I have my ACS express setup to join the AD domain and everything looks good there.  I setup the AD server as a radius object in AAA server groups on my ASA.  Then I add the server below in the servers in selected groups window.  I put all the info in there and when I hit test I click authorization and put in the username that I know is in the domain group I have associated with this on the ACS.  The test fails and with authorization failed with invalid password.  When I look at the logs on the ACS I see
    01/06/2011 20:14:26 acsxp/server Warning Server 0 AD Agent Plain Text Authentication Failed for user: username@domain
    01/06/2011 20:14:26 acsxp/server Warning Server 0 Authentication for user username failed for reason = 0
    01/06/2011 20:14:26 acsxp/server Error Protocol 0 Request from 172.20.5.2: User username rejected . by RemoteServer: AD (InvalidPassword). 
    Username and domain are correct I just edited them for posting.  It seems like it is trying to authenticate rather than authorize.  All I want it to do is say yes the user is in this group or no the user is not in this group?  You can't even fill in the password when testing authorization?  Maybe I have something setup wrong on the ACS side but when I look at AD under users and identity stores, it says it is joined to the domain.  When I do AD domain diagnostics under troubleshooting everything looks good.  I have the ASA I am testing from defined as a device and in the ASA device group.  Under access services in Radius access services I have one service that I setup that connects to the AD and it found the group so I know it is connecting.  Any idea what I am doing wrong or where to look?
    Any help would be GREATLY appreciated!
    Thanks
    Joe

    Hi Joe,
    We could take a deeper look at what is happening through some logs and debugs:
    1. On ACS Express, under
    Reports & Troubleshooting > Troubleshooting > Server Logs
    please set the Express Server Trace Level to 5 and the Web Server Trace Level to 4.
    Also, for the Log Level under OS Logging, please set its value to "Debug".
    If previous old logs are not essential to you, you may also wanna delete all the log files first, so that we capture logs for the last day only.
    2. On the ASA, please enable the following debugs
    debug aaa authentication
    debug aaa authorization
    debug radius
    3. Then please first recreate a successful authentication attempt, and then recreate the authorization test issue with the same user account for which you tested the successful authentication.
    4. After the issue is recreated, please attach the debugs from the ASA and following files from the ACS Server Logs:
    acsxp_adagent.log
    acsxp_agent_server.log
    acsxp_mcd.log
    acsxp_server.log
    acsxp_server_trace.log
    Regards,
    Fede
    If  this helps you and/or answers your question please mark the question as  "answered" and/or rate it, so other users can easily find it.

  • ACS Express integration with Active Directory

    Hello,
    I have ACS Express version 5.0.1 installed on Cisco ADE; I'm trying to get it integreated with an Active Directory without sucess.
    I did packet captures on the ASA that is in between and I can see communication going thru just fine. I ran a diagnostic on the ACS express and got this:
    DIAGNOSTIC USING THE IP ADDRESS OF THE DOMAIN CONTROLLER:
    /* Style Definitions */
    table.MsoNormalTable
    {mso-style-name:"Tabla normal";
    mso-tstyle-rowband-size:0;
    mso-tstyle-colband-size:0;
    mso-style-noshow:yes;
    mso-style-priority:99;
    mso-style-qformat:yes;
    mso-style-parent:"";
    mso-padding-alt:0cm 5.4pt 0cm 5.4pt;
    mso-para-margin:0cm;
    mso-para-margin-bottom:.0001pt;
    mso-pagination:widow-orphan;
    font-size:11.0pt;
    font-family:"Calibri","sans-serif";
    mso-ascii-font-family:Calibri;
    mso-ascii-theme-font:minor-latin;
    mso-fareast-font-family:"Times New Roman";
    mso-fareast-theme-font:minor-fareast;
    mso-hansi-font-family:Calibri;
    mso-hansi-theme-font:minor-latin;
    mso-bidi-font-family:"Times New Roman";
    mso-bidi-theme-font:minor-bidi;}
    Output of AD Domain Diagnostics:
    IP Diagnostics
    Local host name: he-zfm-acs-01
    Local IP Address: 172.31.67.10
    Not found in DNS!Make sure it is in Reverse Lookup Zone.
    FQDN host name:he-zfm-acs-01.clarocr.americamovil.ca1
    Domain Diagnostics:
    Domain: 172.24.2.93
    Subnet site:
    WARNING! Unable to locate computer's subnet site in Active Directory.
    Ask your Active Directory administrator to add this computer's subnet
    to the appropriate site.
    DNS query for: _ldap._tcp.172.24.2.93
    Found no SRV records!
    Computer Account Diagnostics
    Not joined to any domain
    AD Agent Process Status: Not joined to any domain
    DIAGNOSTIC USING THE AD REALM:
    /* Style Definitions */
    table.MsoNormalTable
    {mso-style-name:"Tabla normal";
    mso-tstyle-rowband-size:0;
    mso-tstyle-colband-size:0;
    mso-style-noshow:yes;
    mso-style-priority:99;
    mso-style-qformat:yes;
    mso-style-parent:"";
    mso-padding-alt:0cm 5.4pt 0cm 5.4pt;
    mso-para-margin:0cm;
    mso-para-margin-bottom:.0001pt;
    mso-pagination:widow-orphan;
    font-size:11.0pt;
    font-family:"Calibri","sans-serif";
    mso-ascii-font-family:Calibri;
    mso-ascii-theme-font:minor-latin;
    mso-fareast-font-family:"Times New Roman";
    mso-fareast-theme-font:minor-fareast;
    mso-hansi-font-family:Calibri;
    mso-hansi-theme-font:minor-latin;
    mso-bidi-font-family:"Times New Roman";
    mso-bidi-theme-font:minor-bidi;}
    Output of AD Domain Diagnostics:
    IP Diagnostics
    Local host name: he-zfm-acs-01
    Local IP Address: 172.31.67.10
    FQDN host name:he-zfm-acs-02.clarocr.americamovil.ca1
    Domain Diagnostics:
    Domain: CLAROCR.AMERICAMOVIL.CA1
    Subnet site: TELECOM
    DNS query for: _ldap._tcp.CLAROCR.AMERICAMOVIL.CA1
    Found SRV records:
    rom-pro-dc-03.clarocr.americamovil.ca1:389
    Testing Active Directory connectivity:
    Domain Controller: rom-pro-dc-03.clarocr.americamovil.ca1
    ldap: 389/tcp - good
    ldap: 389/udp - good
    smb: 445/tcp - good
    kdc: 88/tcp - good
    kpasswd: 464/tcp - good
    ntp: 123/udp - good
    Domain Controller: rom-pro-dc-03.clarocr.americamovil.ca1:389
    Domain controller type: Windows 2003
    Domain Name: CLAROCR.AMERICAMOVIL.CA1
    isGlobalCatalogReady: TRUE
    domainFunctionality:
    forestFunctionality: 0 = (DS_BEHAVIOR_WIN2000)
    domainControllerFunctionality: 2 = (DS_BEHAVIOR_WIN2003)
    Forest Name: AMERICAMOVIL.CA1
    DNS query for: _gc._tcp.AMERICAMOVIL.CA1
    Testing Active Directory connectivity:
    Global Catalog: rom-des-dc-01.desa1sv.americamovil.ca1
    gc: 3268/tcp - timeout
    No TCP LDAP response, giving up on rom-des-dc-01.desa1sv.americamovil.ca1
    Global Catalog: rom-amv-dc-02.americamovil.ca1
    gc: 3268/tcp - good
    Global Catalog: rom-tlc-dc-01.telecom.americamovil.ca1
    gc: 3268/tcp - good
    Global Catalog: rom-pro-dc-03.clarocr.americamovil.ca1
    gc: 3268/tcp - good
    Global Catalog: rom-tlc-dc-02.telecom.americamovil.ca1
    gc: 3268/tcp - good
    Global Catalog: rom-amv-dc-01.americamovil.ca1
    gc: 3268/tcp - good
    Domain Controller: rom-amv-dc-02.americamovil.ca1:3268
    Domain controller type: Windows 2003
    Domain Name: AMERICAMOVIL.CA1
    isGlobalCatalogReady: TRUE
    domainFunctionality:
    forestFunctionality: 0 = (DS_BEHAVIOR_WIN2000)
    domainControllerFunctionality: 2 = (DS_BEHAVIOR_WIN2003)
    Domain Controller: rom-tlc-dc-01.telecom.americamovil.ca1:3268
    Domain controller type: Windows 2003
    Domain Name: TELECOM.AMERICAMOVIL.CA1
    isGlobalCatalogReady: TRUE
    domainFunctionality:
    forestFunctionality: 0 = (DS_BEHAVIOR_WIN2000)
    domainControllerFunctionality: 2 = (DS_BEHAVIOR_WIN2003)
    Domain Controller: rom-pro-dc-03.clarocr.americamovil.ca1:3268
    Domain controller type: Windows 2003
    Domain Name: CLAROCR.AMERICAMOVIL.CA1
    isGlobalCatalogReady: TRUE
    domainFunctionality:
    forestFunctionality: 0 = (DS_BEHAVIOR_WIN2000)
    domainControllerFunctionality: 2 = (DS_BEHAVIOR_WIN2003)
    Domain Controller: rom-tlc-dc-02.telecom.americamovil.ca1:3268
    Domain controller type: Windows 2003
    Domain Name: TELECOM.AMERICAMOVIL.CA1
    isGlobalCatalogReady: TRUE
    domainFunctionality:
    forestFunctionality: 0 = (DS_BEHAVIOR_WIN2000)
    domainControllerFunctionality: 2 = (DS_BEHAVIOR_WIN2003)
    Domain Controller: rom-amv-dc-01.americamovil.ca1:3268
    Domain controller type: Windows 2003
    Domain Name: AMERICAMOVIL.CA1
    isGlobalCatalogReady: TRUE
    domainFunctionality:
    forestFunctionality: 0 = (DS_BEHAVIOR_WIN2000)
    domainControllerFunctionality: 2 = (DS_BEHAVIOR_WIN2003)
    Forest Name: AMERICAMOVIL.CA1
    Computer Account Diagnostics
    Not joined to any domain
    AD Agent Process Status: Not joined to any domain

    Dennis,
    TIme in sync on the ACS and AD servers?
    Faisal

  • Unknown CA failure on ACS express

    Hi forumers
    i try to let user access to the network authenticate using ACS express, then map to the AD server.
    somehow i get the error from the authentication report is FAILURE REASON: UNKNOWN CA
    i try and use self-singed certificate, then download the certificate, open and copy the CSR and paste to my CA server.
    I'm using Window's advance certificate request "submit a certificate request by  using a based 64-encoded CMC or PKCS#10 files..." this option.
    somehow i got this error message. (see attachment)
    Question1: is it the right way to do CSR to window CA server? am i doing it right?
    Question2: if i am wrong, any guide for a proper way doing certificate installation for ACS express in order talk to AD server?
    thanks
    Noel

    Hi,
    Actually you do not need to have a signed certificate on the ACS Express to be able to join the AD...
    However, if you still want to do it, then can you please send me the CSR? I can take a look and see if everything is ok...
    HTH,
    Tiago
    If  this helps you and/or answers your question please mark the question as  "answered" and/or rate it, so other users can easily find it.

  • ACS Express AD

    Hi All,
    I've setup ACS Express and try to join to MS AD. connectivity passed but it says "Saved settings, but error in joining domain. Error: Timeout occured communicating with AD domain controller.
    any suggestion would be very appreciated
    Alex

    Alex,
    Check for communication issues between AD and your express server. Also verify that time is not off by more than 5 minutes.
    HTH,
    Faisal

  • ACS Express 5.0 - "unique authentication" what does it mean?

    Hi to all,
    the ACS Express 5.0 datasheet states: "Cisco ACS Express supports a maximum of 50 AAA clients and 350 unique user logins in a 24-hour period"
    It's clear what's the meaning of the max 50 AAA clients...in fact what is not clear is regarding the max 350 uniques user authentication.
    If I use 802.1 IBNS with PEAP-MSCHAP to do machine authenticaion each machine authentication will count as a unique logon...isn'it? What happens if there are Laptop assigned to sales which spent a lot of time out of the office???
    Each time these laptops reconnect to the network wil count as an extra logon or and increase the logon counter of one or since this laptop is already authenticated on the morning t won't count as an extra unique logon...
    My question is related to the fact that I have a customer who wanto to introduce IBNS-802.1X but have "only" 20-25 AAA clients and max. 200 users (where about 100 are laptop)...and using ACS 5.0 in a redundant way will be too expensive...
    Thanks for a reply
    Omar

    The ACS Express 5.0 Appliance is designed for a maximum of 350 users. This limit does not apply to the number of logins.
    Cisco Secure Access Control Server Express 5.0 QA
    http://www.cisco.com/en/US/prod/collateral/netmgtsw/ps5698/ps6767/ps8543/ps8724/prod_qas0900aecd806d3a4d.html
    Q. How is Cisco Secure ACS Express positioned in comparison to Cisco Secure ACS for Windows (ACS Windows) and Cisco Secure ACS Solution Engine (ACS SE)?
    A. ...Cisco Secure ACS Express is well suited for deployments that need an access control solution for fewer than 350 users and 50 devices. This product is intended to serve small to medium-sized businesses, retail sites and enterprise branch offices where customers need an easy-to-use GUI yet require a comprehensive but simple feature set and a lower price point to address their specific deployment needs.
    For a detailed feature set, please refer to the Cisco Secure ACS Express data sheet at http://www.cisco.com/go/acsexp....

  • Can the WAN port be used as LAN when AirPort Express (2nd Generation) is setup to join a wireless network?

    Can the WAN port be used as LAN when AirPort Express (2nd Generation) is setup to join a wireless network? (IE: 2 LAN ports)
    I haven't been able to get a clear answer on this. I believe the 1st generation would act as WAN/LAN depending on setting, but what happens with the 2nd generation?
    Thank you for your time.

    If the Express joins a wireless network wirelessly, in other words its WAN port isn't connected to anything, the correct way to connect a wired client to it is by using its LAN port.
    I don't know what would happen if you were to connect a wired client to its WAN port instead — it's just not supposed to be used for that purpose. It won't permanently break anything if you were to try it though. If you were, the worst that would occur is that your network would become unresponsive as packets continuously traverse its WAN port in a circular fashion, which might require that you power down your router to reset your whole network.
    If you are already using your Express's LAN port and you need another, the way to provide more ports is to purchase an inexpensive ($10 or so) switch. Connect it to the LAN port and as many other pieces of equipment as the switch's available number of ports.
    You're correct about the first generation with the single Ethernet port. It could be used in either capacity depending on its configuration.

  • Node failed to join the cluster because it ould not send and receive failure detection network messages

    One of my customers has a Windows Server 2008 R2 cluster for an Exchange 2010 Mailbox Database Availability Group.  Lately, they've been having problems with one of their nodes (the one node that is on a different subnet in a different datacenter) where
    their Exchange databases aren't replicating.  While looking into this issue it seems that the problem is the Network Manager isn't started because the cluster service is failing.  Since the issue seems to be with the cluster service, and not Exchange,
    I'm asking here. 
    When the cluster service starts, it appears to start working, but within a few minutes the following is logged in the system event log.
    FailoverClustering
    1572
    Critical
    Cluster Virtual Adapter
    Node 'nodename' failed to join the cluster because it could not send and receive failure detection network messages with other cluster nodes. ...
    It seems that the problem is with the 169.254 address on the cluster virtual adapter.  An entry in the cluster.log file says: Aborting connection because NetFT route to node nodename on virtual IP 169.254.1.44:~3343~ has failed to come up. 
    In my experience, you never have to mess with the cluster virtual adapter.  I'm not sure what happened here, but I doubt it has been modified.  I need the cluster to communicate with its other nodes on our routed 10. network.  I've never experienced
    this before and found little in my searches on the subject.  Any idea how I can fix this?
    Thanks,
    Joe
    Joseph M. Durnal MCM: Exchange 2010 MCITP: Enterprise Messaging Administrator, Exchange 2010 MCITP: Enterprise Messaging Administrator, MCITP: Enterprise Administrator

    Hi,
    I suspected an issue with communication on UDP port 3343. Please confirm the set rules for port 3343 on all the nodes in firewall and enabled all connections for all the profiles
    in firewall on all the nodes are opened, or confirm the connectivity of all the node.
    Use ipconfig /flushdns to update all the node DNS register, then confirm the DNS in your DNS server entry is correct.
    The similar issue article:
    Exchange 2010 DAG - NetworkManager has not yet been initialized
    https://blogs.technet.com/b/dblanch/archive/2012/03/05/exchange-2010-dag-networkmanager-has-not-yet-been-initialized.aspx?Redirected=true
    Hope this helps.
    We
    are trying to better understand customer views on social support experience, so your participation in this
    interview project would be greatly appreciated if you have time.
    Thanks for helping make community forums a great place.

  • ACS Express 5.0 vs ACS 5.0

    What's the difference between the two?
    - Cisco Secure ACS Express 5.0
    - Cisco Secure Access Control System 5.0

    ACS Express 5.0
    http://www.cisco.com/en/US/prod/collateral/netmgtsw/ps5698/ps6767/ps8543/ps8724/product_data_sheet0900aecd806d3b78.html
    ACS 5
    http://cisco.com/en/US/prod/collateral/netmgtsw/ps5698/ps6767/ps9911/ps9915/product_bulletin_c25-504495.html

  • 1552 AP failing to join WLC

    Hello All,
    I am having difficulty joining a 1552 AP to the 5508 WLC. I am using the 3750 switch attached to the WAP as a DHCP server for the AP points.
    The AP obtains a IP address from the DHCP server, however fails to join the WLC. i can telnet to the AP and ping the WLC and from the WLC i can ping the AP.
    I am a little stumped on where to go next.

    Is the port of the switch in trunk mode, which is the WLC connected to?
    I used az internal DHCP of the WLC...
    Notice: Take care about the setting of the region code, because it has to be compatible with the AP (you can find the nr. on the back of it, and you can see in its guide, which region code is compatible with that), but before you change it you have to turn the radio's off in WL settings...
    Posted by WebUser Attila Valguth from Cisco Support Community App

  • Failed to join cluster - Address already in use

    Hi there,
              I'm trying to set up a cluster with WLS 7.0 on Linux (kernel 2.4.20). Apparently, the OS is configured correctly: the kernel is compiled with multicast support and multicast routes have been appropriately defined.
              The admin server starts correctly, and managed servers running on other OSs successfully join the cluster. However, when a I try to run a managed server on this linux, I get the following error:
              <Apr 29, 2003 12:27:52 AM CEST> <Error> <Cluster> <000116> <Failed to join cluster testcluster at address 237.0.0.1 due to : java.net.BindException: Address already in use
              java.net.BindException: Address already in use
              at java.net.PlainDatagramSocketImpl.bind(Native Method)
              at java.net.MulticastSocket.create(MulticastSocket.java:123)
              at java.net.DatagramSocket.<init>(DatagramSocket.java:135)
              at java.net.DatagramSocket.<init>(DatagramSocket.java:107)
              at java.net.MulticastSocket.<init>(MulticastSocket.java:99)
              at weblogic.cluster.FragmentSocket.initializeMulticastSocket(FragmentSocket.java:87)
              at weblogic.cluster.FragmentSocket.start(FragmentSocket.java:110)
              at weblogic.cluster.MulticastManager.startListening(MulticastManager.java:140)
              at weblogic.cluster.ClusterCommunicationService.initialize(ClusterCommunicationService.java:51)
              at weblogic.t3.srvr.T3Srvr.initialize1(T3Srvr.java:773)
              at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:589)
              at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:277)
              at weblogic.Server.main(Server.java:32)
              >
              I have tried to change the multicast address but the error persists.
              Am I missing something? Any help would be muchly appreciated.
              

    have you checked to see what is running before you start your oracle app server on your ports? you can use netstat for one

  • Disable SSH version1 in ACS Express 5.0

    Hi,
    Does anybody knows if it is possible to disable SSH v1 in ACS express installed in ADE 1010?
    Appreciate anybody's feedback
    Thanks.
    NetMaint

    Hi,
    This was required by our client to disable SSH v1 after the infosec audit.
    Can this be done? I tried digging but can't find any info. If this can't be done at least provide me some link so I can feedback to our client.
    Appreciate your reply.
    Regards, NetMaint

  • Server failed to join cluster after migration.

    Hi
              <p>
              After migration of weblogic server (wls1) from machine A (fwls1) to B (fwls2), wls1 logged the following: <br>
              <i>Failed to join cluster wlscluster at address 239.192.2.1 due to: <br> java.net.SocketException: Cannot assign
              requested address.
              java.net.SocketException: Cannot assign requested address. </i><br><br>
              Wls2 is part of wlscluster and it is working, so I think that multicast address must be fine. Does anyone know what can be reason for that exception ?
              <br>
              <br>
              Details:
              <ol>
              <li> Weblogic Server 9.2
              <li> wls1 is running at the fwls1 machine; wls2 is running at the fwls2 machine; wls1 and wls2 belong to cluster wlscluster
              <li> migrate wls1 to machine fwls2
              <li> in fwls2:/opt/.../wls1/logs/server.log I got an exception
              <li> fwls1 automatically stands up in fwls1
              </ol>
              Any help appreciated
              </p>
              regards
              <br>Lukas<br>
              <br>WLS 9.2

    hi
              the cluster adress includes ur manged servers listing adress and port number example
              10.192.11.12:6399 is managed1
              10.192.11.12:6400 is managed2
              then these servers under cluster the cluster adress is
              10.192.11.12:6399,10.192.11.12:6400
              multicast adress start from 237.0.0.0 if this used by some another user change this adress

Maybe you are looking for

  • Closing balance field in  FBL1N  transaction

    Hi experts, In FBL1N transaction, what is the field for closing balance at final display. venkey

  • How do I access my online Palm account?

    I need to change the credit card number in my Palm account because my other one expired. I do not see a link anywhere on Palm's web site to access my online account to do this. I know I set it up and even have my password, just don't know the url for

  • SRM Org Structure Replication From HR

    Dear All, We are in the process of Integrating the HR org into SRM. 1) Done the ALE settings. 2) Model view for message type HRMD_ABA created and distubuted, created from the template. 3) Basic settings done in T770s in SRM table. 4) Executed PFAL to

  • System Logon : "Via popup" displayed

    Hi, I am using system logon for my BSP application. The prodiuction landscape has a central instance and some sub instances. The problem is, when the application is launched, the login field and password field are displayed correctly. When the user I

  • Alt Gr + key combination not working in FF?

    When i wont to type for example "@" i cant because in FF combination of Alt Gr key and V are not working. Why the combination is not working and how i can fix that?