ACS for Windows 4.1 - two issues

Hi,
Now that I have my ACS 4.1 server running on Windows 2003, I'm having two issues:
1) I can't view the admin interface with Internet Explorer 7. It just tells me that "Some content or files on this webpage require a program that you don't have installed." It seems to work fine with Firefox 3, and I can connect to our old ACS 3.2 server with IE7 with no problem.
2) We're set up to use Active Directory. I've got the external database set up fine, and have a specific AD security group mapped to a group on the ACS server for myself and one other engineer to have access. That seems to work fine - we can both get into the equipment in enabled mode. I added a third user to the AD group, but that user can't log into the same equipment the other two users can.
I've been searching for solutions to both problems, both in google and on Cisco's site to no avail. Can anyone point me in the right direction?

1) brain fart - I had been putting in the server name and port number and it wouldn't work, but once I started typing the full http://servername:port, it worked. I did have the latest java installed.
2) The group has the correct settings to log in the enabled mode. The other two users in the same group work just fine. I don't seem to have any passed authentication logs - I may need to turn something on for that, but it got me thinking. I checked the failed attempts log, and it seems I don't have windows dialin permissions set on the third account.
Thanks - seems I just needed to have someone point out my n00bishness. ;-)

Similar Messages

  • Replication issues with ACS for Windows 3.3.3 build 11

    I have built two ACS for Windows servers on Windows 2003 SP1. The AD environment is Windows 2003 SP1 as well. I have configured the two ACS servers on each box. However, when I go to replicate from box A to box B, the following error appears:
    Inbound database replication from ACS 'acsradius.asu.edu' denied - shared secret mismatch
    I have double checked the shared secret keys on both servers in the Network Configuration AAA servers section. Any idea what the issue is?
    Thanks.

    Do not run replication to a server installed on Windows 2003. Due to changes in the way Win2003 handles registry changes, each change can take up to 100 times longer and replication can fail and the server hang.

  • ACs For Windows 4.1.(1) build 23

    Hi.
    We´ve got two Windows 2003 Server R2 machines, with installed Cisco ACS For Windows 4.1.(1) Build 23 used for RADIUS users authentication and now days we´re trying to deploy now a TACACS+ configuration to the network device manage now from those ACSs, TACACS+ Accounting tab works fine, but the Accounting administration records or logs are updated but when I click on the TACACS+ Administration Tab the showed log files are empty, I knew about a bug in the 4.1 versión, the question is?
    Can I fix the issue if I upgrade or install only the 4.1.1.23-5 patch?
    It´ll be enough?
    Many thanks.

    Hi.
    We´ve got two Windows 2003 Server R2 machines, with installed Cisco ACS For Windows 4.1.(1) Build 23 used for RADIUS users authentication and now days we´re trying to deploy now a TACACS+ configuration to the network device manage now from those ACSs, TACACS+ Accounting tab works fine, but the Accounting administration records or logs are updated but when I click on the TACACS+ Administration Tab the showed log files are empty, I knew about a bug in the 4.1 versión, the question is?
    Can I fix the issue if I upgrade or install only the 4.1.1.23-5 patch?
    It´ll be enough?
    Many thanks.

  • ACS for Windows vs ACS Appliance?

    First, the only thing I saw on the Appliance was that it was a 'hardened OS'. So I'm assuming like many of their other appliances that this is Windows 2003 locked down? Regardless if it is or not, are there any issues with the appliance being in a mixed environment with ACS for Windows and replication between the two?
    Thanks,
    Raun

    http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_solution_engine/4.2/installation/guide/remote_agent/rawo.html
    When you use ACS for Windows, you install it on a member server, which can "relay" the auth requests to the domain controllers.
    ACS SE's are not a member in the domain, therefore you need to install the remote agent on a member/DC, so that it would act as a "relay agent" for the auth requests.
    You'll also need to manually create a workstation account in AD to allow auth requests from the ACS SE's.
    The default name used is "CISCO", but it can be defined differently.
    For this part, see
    http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_solution_engine/4.2/installation/guide/remote_agent/rawi.html#wp311476

  • Can Appliance 1113/1120 running ACS 4.1 replicate to ACS for Windows 4.2.1.15.2

    Anyone tested/tried to replication from ACS 4.1 (running on Appliance) to ACS for Windows 4.2(1)?

    Hi ,
    For replication to work between the two acs they should be on same version and patch level.
    Thanks
    Waris Hussain.

  • Identify Patch Version in ACS for Windows 4.2

    Hi guys,
    I need to identify the correct patch Version in a Customer ACS for Windows 4.2
    How can I do this task ?
    In the about page I cannot find any reference to patch
    My Best Regards,
        Andre Lomonaco

    Hi Lomon,
    After login in to ACS application. You can click on the Cisco logo on top left... You can find the patch version.please refer the below screen shot.
    Please do rate if the given information helps.
    By
    Karthik

  • ACS for Windows 4.01 question

    Easy question, how do you see the serial number for ACS for windows? is there a command line, is it just the pak # licenses ?
    Thanks.

    Hi,
    No serial number for ACS for windows. No license required for ACS for windows.
    Hope this helps.
    Regards,
    Anisha
    P.S.: please mark this post as answered if you feel your query is resolved. Do rate helpful posts.

  • Password History Validation - ACS for Windows 4.2.x

    Hello,
    I'm evaluating the Secure ACS for Windows v4.2 platform against PCI DSS v2.0, specifically the "Implement Strong Access Control Measures" section.
    We currently run version 4.0(1) Build 27 and use local user and password management.
    For a variety of reasons I'd prefer to maintain this approach rather than pursue integration with an external identity store such as AD, but I need to know whether or not the in-bult password validation options are stringent enough to meet all of the relevant requirements.
    I believe from the research I've done so far that version 4.2.x should meet the majority, but there is one in partiuclar about validation of previously used passwords that I'm still unclear on.
    In the "Local Password Management" section of the ACS 4.2.1 User Guide (Text Part Number: OL-20208-01) it states that the password validation options include "Password is different from the previous value".
    The PCI standard states: "Do not allow an individual to submit a new password that is the same as any of the last four passwords he or she has used."
    Q) How many previous passwords is the newly submitted password validated against? Is it just the last one or will it check against more? Is there any way to configure how many it checks against?
    Any help or guidance very much appreciated.
    Cheers,
    Nick

    Hi Lomon,
    After login in to ACS application. You can click on the Cisco logo on top left... You can find the patch version.please refer the below screen shot.
    Please do rate if the given information helps.
    By
    Karthik

  • Jabber for Windows - Outlook Meeting integration issue/questions

    Hi,
    A couple of questions if anyone else has experienced or can answer:
    1. When you turn on Jabber it appears in the trace file to create a transitionlist of meetings in your calendar for the next four hours. Eg if meeting 8-9 it will show 8:00 BUSY
            9:00 FREE
    and this works ok. This transitionlist also seems to update each time a status change occurs from what I have observed.
    The problem we seem to have is if I open Jabber at 7.45am and have a meeting 8 - 9 then it shows "In a meeting", then if I create a meeting at 9.15am for 10am-10.30am, the meeting status does not change as it seems to operate of the four hour transitionlist. I have the setting in the CUPS server for exchange sync to happen every twenty minutes, but this does not seem to update.
    I'm be focussing on the wrong area but basically not all calendar appt's update status in Jabber, especially the one's created within the four hour pperiod.
    2. To have the presence status of a person in an Outlook email address field, do you need 2010 or does it work with prior versions, we currently operate 2003. I have configured the SIP component in AD, but no status or click to call facility from Outlook.
    Thanks in advance
    Mal

    Hi Mal,
    Thanks for your post. Issue (1) sounds like a configuration issue in your setup. Please open a TAC case for further assistance.
    Regarding (2), Jabber for windows does noot support Office 2003. List of supported MS Office applications is listed in Jabber for Windows administration guide.
    http://www.cisco.com/en/US/docs/voice_ip_comm/jabber/Windows/9_0_1/b_jabber_win_icg_chapter_01000.html#reference_AC2F9334FEC54DA98861EB52944C6F08
    Thanks,
    Maqsood

  • Jabber for windows 9.7 photo issue

    Hello,
    I'm facing an issue with corporate photos on Jabber version 9.7. Before, with version 9.2 i had the same problem but after add an entry on the file jabber-config.xml the corporate photos were already shown.
    What can be the cause for this behaviour with version 9.7?

    Hi Amit,
    Hope you're doing well. Guess the problem is solved. We installed this new version 9.7 of jabber on a machine with Windows XP OS. After reviewing the Cisco Jabber for Windows 9.7 Release Notes I noticed that the only available Operating Systems for jabber 9.7 are:
    Operating System Support Cisco Jabber for Windows 9.7 supports the following operating systems:
    •Windows 7 (32 bit and 64 bit)
    •Windows 8 (32 bit and 64 bit). Note: Metro Interface and Windows 8 RT are not supported.
    •Windows 8.1 (32 bit and 64 bit). Note: MediaNet (including deskphone video feature) does not currently support Windows 8.1
    Thanks a lot!

  • Remote Agent for ACS for Windows 2008 R2 64-bit

    Hi,
    We having difficulties with installing remote agent on windows 2008 R2 64-bit server and got the attached error.
    Our ACS is 4.2.0.124 and remote agents we tried are :Remote-Agent-ACSse-win-v4.2.1.15-K9.zip and Acs-4.2.1.15.9-RA.zip.
    I see following urls says it does not support Windows 2008 R2 and also 64-bit Windows,
    https://supportforums.cisco.com/message/3135061#3135061
    http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_solution_engine/4.2/installation/guide/remote_agent/rawi.html#wp289019
    However following url says its support 2008 R2 with 64-bit version
    http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.2.1/Release_Notes/acs421_rn.html
    Appreciate if someone can adivse us what vesion (file name) of Remote Agent can support (or working) for Windows 2008 R2 64-bit.
    thanks in advance

    Hi Tarik,
    What I wanted to say that the below url says that ACS 4.2 does not support on 64-bit OS:
    ACS Requirements
    You must use ACS Remote Agent for Windows, version 4.2, with ACS SE, version 4.2. We do not support other Cisco Secure ACS releases.
    Note ACS Remote Agent 4.2 for Windows does not support 64-bit operating systems.
    http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_solution_engine/4.2/installation/guide/remote_agent/rawi.html#wp289019
    However could you please let me know what exact Remote Agent file you recommend to use for windwos 2008 R2 64-bit Server. The ACS SE version that I have is 4.2.0.124.
    Thanks

  • ACS for windows first login

    Hi while installing ACS 4.1 for windows, there was no option for setting admin username and password. how can i login into it? in the installation guide there is no default username and password. help

    After you finish the install, you can access ACS from the web browser on the server that you installed ACS on without credentials. Then you can setup you admin accounts.

  • Jabber for Windows client Voice Mail issue

    hi, cisco guys
        i have a collaboration test for my customer in resent days.
        the follow picture is the topo of my test system
       1.  cucm1 use ICT non-GK trunk to connected with cucm2 and the ip phones with dn 56xx registered on cm1
        the iphones and jabber clients with dn 54xx registered on cm2
       2. cm2 intergrated with Unity Connection server and  Cups server
           the version of cm1 and cm2 and unity connection is 8.6.2-21900
          the version of cups is 8.6.4
      3.  the issue occurrenced when the ip phone user 5412 call to 5411 but no answered, user 5412 sent a
          voice mail to user 5411,only MVI of the ip phone 9951 with dn 5411 turned on but jabber client wihtout any prompt message
          but when the user 5665 which  registered on cm1 called user 5411 and sent a voice mail , status in normal,
          mvi turned on , the jabber client also can  recived the prompt message and the the vocie mail could be played on the jabber client
          what's the issue  probably be caused by & how can i solve it
          need your help!!!!

    I don't know if you have a specific subnets permitted in the CUPS ACL
    This is dangerous and incorrect guidence. The Incoming ACL allows the addresses defined to bypass authentication. In other words, I could impersonate your CEO if I wanted to. There are only two common use cases where doing this is appropriate: 1) the CUxAC server IP; or 2) older versions of CCX where CAD didn't support DIGEST authentication.
    As for the original question: your English is difficult to understand. Is the following problem statement accurate?
    When 5412 on CM2 leaves a voicemail for 5411 on CM2, the MWI is lit for 5411 but Jabber does not reflect the waiting message?
    If this is accurate, is the message also shown in the Web Inbox? https:///inbox
    The serverIP should be the CUC server defined in the voicemail profile on CUPS for the user who owns 5411.
    Please remember to rate helpful responses and identify helpful or correct answers.

  • With Cisco Secure ACS For Windows TACACS+, authentication fails with AD

      I am setting up a Cisco Secure ACS 4.2 server to act as a TACACS server for Switches and Routers  I am using Windows 2003 server for the ACS,
    and a Windows 2003 Active Directory server.  The AD server is fine, as it is used for many other things.
    I have set up ACS as defined nit he installation guide, including all the steps in the 'Member Server' section of the install guide
    when using AD as an external database (i.e. setting up the services to run with a domain admin account, setting up a machine called 'CISCO'
    on the domain etc).
    I've set the unknown user policy to use the Windows database if the internal database doesn;t contain the user details.
    If I add a user to the internal database, the authentication goes through fine, with an entry in the 'Passed Authentications' log,
    02/24/2010,05:07:03,Authen failed,eXXXX,Network Administrators(NDG) ,X.X.X.X,(Default),Internal error,,(geting error message as INternal Error)
    I've scoured google etc, and just cannot come up with any reason why this should be happening.
      I've followed all the install guides to the letter.  I need to get this up and running as soon as possible,
    so am looking forward to finding out if anyone can help me with this one!
    THanks and regards
    Sharan

    Hi  Jesse,
    Thasts a great answer and Soution.
    My previous version was 4.2 and it was installed on 64 bit machine hence getting internal Error.
    After this answer i have upgraded it to ACS4.2.1 and its started working fine
    Thanks very much for the help
    Dipu

  • Acs for windows doesnt work with w2k8

    Hi Folks
    I have win 2008 server as DC,
    i have installed acs 4.2 on menber server (win 2003) , but it doesn't work, how to let this one work , any patch for that
    thanks

    Hi,
    Inorder to support windows 2008 you need ACS 4.2.0.124 patch 4.
    http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.2/release/notes/ACS42_RN.html
    If you have a windows 2k8 R2 as DC, then you need an ACS 5.2
    http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.2.1/Installation_Guide/windows/install.html#wp1041324
    Hope this helps..
    Regards,
    Anisha
    P.S.: please mark this thread as answered if you feel your query is resolved. Do rate helpful posts.

Maybe you are looking for

  • How to get watermark in main window of SAPSCRIPT FORM

    can anyone help me to get watermark in a SAPSCRIPT FORMS in all pages

  • Portege 3440 Display driver problems (2nd Screen)

    Hello to the complet comunity. I hope you will understand my post and will have not so big problems to understand it. I come from Germany. The Toshiba is a very wonderful Notebook. But since I have updated it from Win98Se too Windows 2000 I have a po

  • How to create a popup windown with javascript?

    Hi, every one, I made a jsp program. I know we can use win.open, win.close to create, to close a popup window with javascript. But I don't know how to create a popup window ,display some message on this window and there is a button on it for closing

  • Problem auto-creating tables with the IBFBS sample

    Hello, I'm fairly new to JDeveloper and OC4J and am trying to configure the new Financial Brokerage Service (IBFBS) sample to run on my system. I followed all of the setup instructions but have had problems getting the application to work. I've worke

  • Understanding this trigger

    Hi , What does this trigger do ? CREATE OR REPLACE TRIGGER "LR_INS_02" BEFORE INSERT ON "TT"."LR" REFERENCING OLD AS OLD NEW AS NEW FOR EACH ROW when (NEW.R_ID IS NOT NULL) BEGIN SELECT E_TYPE INTO :NEW.ETYPE FROM R WHERE R_ID = :NEW.R_ID; END; is it