ACS UCP Issue
I have ACS , IIS & UCP installed on same Windows 2003 server. UCP was installed recently. IIS configuration was done before UCP installation.
After installation I tried to access UCP via the URL http://localhost/secure/login.htm
I get the login prompt. When i enter username and password, i am getting "page cannot be displayed" webpage. Please let me know resolution for the same.
I am running into the same situation.
I have windows 2003 running ACS version 4.0.1.
The ISS server is running and serving web page.
ACS 4.0.1 and IIS run on the same server
I followed the instructions steps-by-steps in
the release notes. When I type https://server/secure/login.htm, I can see the
UCP page. However, after I type in the username
and password, I got this link:
The page you are looking for might have been removed, had its name changed, or is temporarily unavailable.
Please try the following:
Make sure that the Web site address displayed in the address bar of your browser is spelled and formatted correctly.
If you reached this page by clicking a link, contact the Web site administrator to alert them that the link is incorrectly formatted.
Click the Back button to try another link.
HTTP Error 404 - File or directory not found.
Internet Information Services (IIS)
I make everything under c:\inetpub\wwwroot\
FULL control to EVERYONE. I am at a lost here
can someone help? The link provided above did
not work for me either. The windows 2003
is a stand-alone box.
Thanks.
Similar Messages
-
ACS UCP banner logo changes asistance required
Dear all,
I'm looking for help from ACS expert about UCP (User Change Password) the landing page banner logo changes. Your advice is very appreciated. Let me explain in details.
My company has ended the contract with vendor back to few months ago. All the network devices included ACS are now handed over to our management. The ACS UCP (User Change Password) landing page has been changed by previous vendor from Cisco logo to their company Logo. Since now the device has been changed management. My manager would like this logo to change it back to my company logo. I had try to search through the whole ACS clickable function but no luck and try to search through Cisco link but do not find the related documents.
Can any ACS expert to guide me or link me to the correct document what should I do to make this changes? The sample of Cisco UCP page are attached, the logo i meant is the top left corner logo. I brush it out and replace with ABC company.TQVM.
Very very appreciate your advice.
Regards
ChongIf you have the webpage directory of the UCP you can use the tools within IE, Mozilla or Chrome to find out which image is used in the webpage. This depends on how the webpage was construced meaning if a style sheet or simple html tag for the logo your are looking to replace.
You will most likely need to restart the web server. (always keep a backup of your old config and track your changes carefully).
You can try to ask TAC to see if they can provide assistance, but this is not supported, only the test code they provide falls within support any customization is expected to be documented on the customer's end for scenarios like this, however it doesnt hurt to ask. You can also suggest someone at your company if you have a web development team (I do not mean to sound insulting in anyway, but I myself could not build a webpage to save my life and have always found luck when my customer's provide web development code that I can play with and modify if needed).
Mozilla -
https://developer.mozilla.org/en-US/docs/Tools/Page_Inspector
Chrome -
http://webdesign.about.com/od/chrome/a/view-source-chrome.htm
I.E.-
http://support.microsoft.com/kb/176222
You should be able to google for additional browsers as well.
Thanks,
Tarik Admani
*Please rate helpful posts* -
ACS replication issue on VMware ESX 3.5
I have just installed ACS 4.2 on two VMware hosts. I've configured database replication but it won't work. The error message is "shared secret mismatch". This error message occurs if a NAT device is in the path (which it isn't in this case) or if the tcp header is otherwise changed during transmission. I'm wondering if VMware is adding something to the TCP header. Has anyone come across this problem before or has anyone successfully implemented ACS replication when both hosts are on VMware?
Thanks.Hi,
I see that you are getting "shared secret mismatch error" under database replication logs. Just wanted to inform you that this is not because of nat'ed device. This happens when we have different keys for AAA servers on primary and secondary ACS.
The primary server must be configured as an AAA server and must have a key.
The secondary server must have the primary server configured as an AAA
server and its key for the primary server must match the primary servers own
key. The shared secret key should be same on the both the ACS's.
I am sending you one link for Setting Up Replication for Cisco Secure ACS, I
am sure this example with screen shots gives you better understanding.
Please visit the below suggested ULR:
http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_configuration
_example09186a00800e518a.shtml
If that doesn't resolve the issue, please let me know if you see any server with this ip address 127.0.0.1.
HTH
JK
-Plz rate helpful posts- -
Password aging with ACS + UCP in a wireless network.
Hello
We want to use ACS in our wireless network, but we would like to allow users to change their own passwords, so we want to use UCP.
Additionally, we want to force them to change their passwords after a period of time or number of logins.
Is it possible to use password aging based on time or number of connections when users connect through UCP web interface?
Also, does using UCP requiere some kind of additional license/payment?
Thanks.Juilo,
No the UCP sample scripts have to run on a seperate ACS server and you have to enable the ucp intefaces through the cli to accept the UCP requests from the other server.
Here is a link that will help you.
http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.4/user/guide/admin_config.html#wp1105672
Tarik Admani
*Please rate helpful posts* -
802.1x - ACS authentication issue.....
I will attempt to explain the history of our wireless controller configurations as best I can. We are currently using a 4400 controller running 7.x software which authenticates to and ACS 4.1 appliance. All of this was set up prior to my arrival on the job and the previous engineers had already left with no documentation in place so I'm trying to piece it together. The ACS is setup to map to AD for specific groups.
In the controller we have an SSID called triton which is our corporate SSID that all internal users connect to. Three different interfaces have been defined, a general one for most users and two others( lets call them INT1 and INT2) that place users on separate ip networks. The reason for this is those ip networks can reach certain services that are not allowed for general users. ACS maps those users upon authentication to the Vlans associated with those separate ip networks.
Problem 1. When I first took this job, users could not map drives or any services because only user authentication was taking place..After some troubleshooting and realization that ACS was authenticating, placing the "Domain Computers" group as an ACS group mapping fixed that issue, allowing the computers to authenticate prior and therefore execute the login script
Problem 2. Recently it has come to my attention that some of the users on one of the other interfaces (INT1 and INT2) that should be placed in the vlans associated with their AD group mapping are not. Upon further investigation it was discovered that the reason they are not is that the authentication is not correct. When the computer first authenticates before the user logs on its shows in ACS as host/xxxxx.yyyy.org where the user authentication shows as xxxxx/username . So some of the computers never change from authenticating as a host to a user and the ip address ends up in the wrong vlan.
Please help. I'm not extremely familiar with Cisco 802.1x setup and the documentation is poor at best.Ok, maybe I should be asking what the proper way to set up both machine authentication and user authentication through the 4400 and ACS 4.1 is then.
The topology that I know of is this. Single 4.1 ACS appliance and single 4400 controller with approximately 35 LWAPP's. In the past ONLY user authentication was being used which presented problems with Group Policies and login scripts executing. Adding the AD "Domain Computers" group as an ACS mapped group solved that problem by allowing the domain computers to authenticate and gain access to the network prior to logon (but maybe they were still actually using "user authentication"?). Not sure if this was the proper way to solve the issue but it worked and we at the time didn't notice any side effects. Although now we are seeing users end up in the wrong VLans and when we look at the logs in the controller the computer they are on is only registering as host/xxxx.yyyy.org (machine authentication) which drops them into the default vlan instead of the vlan which they should be based upon AD group membership from ACS.
I am very familiar with other wireless products and controllers such as Aruba. In the Aruba, when the machine first booted up and gained access to the network it was using machine authentication, but as soon as the user logged on the supplicant would push the user credentials and change the method to user authentication. In the Aruba we used the windows supplicant. I'd like to do the same with Cisco.
As far as I can tell, there is only a server side (ACS) certificate from Thwate that is used to authenticate. -
Yesterday we had two ACS 4.0 servers installed on Windows 2000 Domain Controllers that were working great. ACS1 was the primary server and replication was configured to send to ACS2. ACS2 replication was configured to receive from ACS1.
We lost ACS2 yesterday so I installed ACS 4 on a 2003 Domain Controller (ACS3). I installed ACS3, went into network configuration and added ACS1 as an AAA server.
I then logged onto ACS1 and added ACS3 as an AAA server and configured ACS3 as a replication partner.
It is not replicating - if I look at the log I get
ERROR, ACS 'ACS3' has denied replication request
I do not have the primary as a replication on the secondary.
I have some screen shots of the configuration from ACS2 and I've duplicated everything I've could (except for name and IP).
Any ideas on what I can try next?I had what seems to be the same issue.
In my case I have two ACS SE 1113 appliances, but the issue could still be the same with your Windows servers.
The appliance has two NIC's - I had both of the NIC's connected. Although the appliance only allows you to use the Primary NIC (the bottom one) ACS still detected the Secondary NIC and creates an additional "AAA Server" entry under the "Network Configuration" tab called "self". You should only have one "self" entry in your AAA Server list, not two.
Unfortunately I couldn't find a way to undo this. So I disconnected the Secondary NIC (the top one) and used the recovery CD to reload both of my ACS devices. Now everything works just fine.
- Nate -
Hi All
My customer is having a strange issue with his ACS.
the current error is as follows
ShellProfile,12/03/2012,13:18:26:709,ERROR,3058101152,NIL-CONTEXT,DeviceAttrFactory::createAttrValue with marker
= *,DeviceAttrFactory.cpp:29
Also when he tries to create show run he gets the following error however, the config does get created.
% Error: acs manifest has no TAC information
before I run to the TAC, has anyone experienced this, i was not able to find anything on the net, not even spam link
Absolutely 0
thanks in advance
lancellotAamir,
I'm sure you've got this resolved still adding my inputs in case someone else facing the same issue.
The reason why you're seeing this error message
22043 Current Identity Store does not support the authentication method
because LDAP doesn't support PEAP-MSCHAPv2. It only supports PAP in non-EAP requests and EAP-TLS, EAP-GTC and PEAP-GTC in EAP requests.
http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.2/user/guide
/eap_pap_phase.html#wp1014889
If you can't change the EAP flavor in your network, then you can migrate to Active directory as it supports peap-mschapv2.
~BR
Jatin Katyal
**Do rate helpful posts** -
Hi
We have Cisco AP's set up around our buiding. This is controlled by our WLC. We also have a Cisco ACS server set up. Some of our domain users are able to go our customers sites which are on different domains and are able to gain access to thier own home domains by logging on with laptops. I know the customers IT department are using RADAIUS and ARUBA Wireless.
I have been asked if we can allow customers to come to our office and allow then to log onto thier laptops, connect remotly through our wireless and let them connect to thier domain.
I believe this is possible through the ACS server, The ACS server would have the customer domain name configured in user and identity, Radius identity servers. The user would log in and authentication and would be directed through a different vlan to the cust AD.
I have set up a test WAP on our WLC, Logged in with a laptop which is running windows 7 that does not belong to our domain. The ACS can see this but will not grant access. I believe that this is a certificate problem.
Are there any settings that I may have missed or can anyone shed any light or advice on this please.
Thank you
RegardsJayesh,
You can use the radius proxy feature in ACS, when the external users connect you can build a rule such that "username ends with external.com" to use the radius proxy server "A". you will need to build the proxy connect with their radius server.
Thanks,
Tarik Admani
*Please rate helpful posts* -
Hi all,
I wonder how to increase performance for ACS reporting in our SCOM 2012, we have the reporting server installed on the management server and the ACS database on another server.
When we try to open a report with ACS, it is taking long time and for one day and exporting it takes too long with no luck.Hi,
this is a very broad question and
there is no easy answer.
From a high level view we are talking about at least three things:
SQL DB Engine performance,
Reporting Services performance,
Query performance.
You can find a lot of articles on this
topic here are just a few:
SQL DB Engine
http://blogs.msdn.com/b/indrajit/archive/2013/12/12/sql-server-database-engine-performance-tuning-basics.aspx
SSRS
http://blogs.msdn.com/b/sqlcat/archive/2013/10/30/reporting-services-performance-and-optimization.aspx
http://technet.microsoft.com/en-us/library/bb522786.aspx
http://www.sqlservercentral.com/Tags/Reporting+Services+(SSRS)/Performance+Tuning/
http://www.mssqltips.com/sqlservertip/2328/sql-server-reporting-services-reports-performance-debugging-and-analysis/
Regards,
Ivan -
Hello guys,
actually I was happy founding the RDBMS function in AAA to get my hundred of aaa clients into the database, but now I am stuck with the a problem.
I would like to summarize some aaa devices in one AAA entry, which means it will have several ip adresses inside.
According to the RDBMS function I can only add 1 ip adress per csv-line. Is there no work around to push more in the aaa entry without adding them manually?
If I try by using several csv-lines with the same name, but different ips, I just get an error.
Thanks for your help!You can not use several IP in one AAA client entry. But you have the following options,
1. You can define a NDG "network device group" and put the same type of AAA client into the group.
Or.
2. You can use "Wildcard asterisk" or IP range to include multiple IP address with one AAA client, like 10.1.1.* or 10.1.1.1-10.1.1.100. -
Unable to setup ACS UCP ver4.1 in Windows 2003 Server Standard
Please refer to the attachment "error.JPG". When i launch the setup.exe, it show me the error message. Seem like the setup file is created for 16bit OS. Anyone can help?
Ensure that the web server uses Microsoft IIS 6.0 (included with Windows Server 2003).This error states that the setup.exe file is missing and so i think that the error is in installing the UCM.so reinstall the UCM by following the procedures provided in the installation guide.
-
I would love some help with this issue. I have configured my SharePoint foundation 2010 site to use Claims Based Auth with Certificate authentication method with ADFS 2.0 I have a test account set up with lab.acme.com to use the ACS.
When I log into my site using Windows Auth, everything is great. However when I log in and select my ACS token issuer, I get sent, to the logon page of the ADFS, after selected the ADFS method. My browser prompt me which Certificate identity I want
to use to log in and after 3-5 second
and return me the logon page with error message “Authentication failed”
I base my setup on the technet article
http://blogs.technet.com/b/speschka/archive/2010/07/30/configuring-sharepoint-2010-and-adfs-v2-end-to-end.aspx
I validated than all my certificate are valid and able to retrieve the crl
I got in eventlog id 300
The Federation Service failed to issue a token as a result of an error during processing of the WS-Trust request.
Request type: http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue
Additional Data
Exception details:
Microsoft.IdentityModel.SecurityTokenService.FailedAuthenticationException: MSIS3019: Authentication failed. ---> System.IdentityModel.Tokens.SecurityTokenValidationException:
ID4070: The X.509 certificate 'CN=Me, OU=People, O=Acme., C=COM' chain building failed. The certificate that was used has a trust chain that cannot be verified. Replace the certificate or change the certificateValidationMode. 'A certification chain processed
correctly, but one of the CA certificates is not trusted by the policy provider.
at Microsoft.IdentityModel.X509CertificateChain.Build(X509Certificate2 certificate)
at Microsoft.IdentityModel.Tokens.X509NTAuthChainTrustValidator.Validate(X509Certificate2 certificate)
at Microsoft.IdentityModel.Tokens.X509SecurityTokenHandler.ValidateToken(SecurityToken token)
at Microsoft.IdentityModel.Tokens.SecurityTokenElement.GetSubject()
at Microsoft.IdentityServer.Service.SecurityTokenService.MSISSecurityTokenService.GetOnBehalfOfPrincipal(RequestSecurityToken request, IClaimsPrincipal callerPrincipal)
--- End of inner exception stack trace ---
at Microsoft.IdentityServer.Service.SecurityTokenService.MSISSecurityTokenService.GetOnBehalfOfPrincipal(RequestSecurityToken request, IClaimsPrincipal callerPrincipal)
at Microsoft.IdentityServer.Service.SecurityTokenService.MSISSecurityTokenService.BeginGetScope(IClaimsPrincipal principal, RequestSecurityToken request, AsyncCallback callback, Object state)
at Microsoft.IdentityModel.SecurityTokenService.SecurityTokenService.BeginIssue(IClaimsPrincipal principal, RequestSecurityToken request, AsyncCallback callback, Object state)
at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustServiceContract.DispatchRequestAsyncResult..ctor(DispatchContext dispatchContext, AsyncCallback asyncCallback, Object asyncState)
at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustServiceContract.BeginDispatchRequest(DispatchContext dispatchContext, AsyncCallback asyncCallback, Object asyncState)
at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustServiceContract.ProcessCoreAsyncResult..ctor(WSTrustServiceContract contract, DispatchContext dispatchContext, MessageVersion messageVersion, WSTrustResponseSerializer responseSerializer, WSTrustSerializationContext
serializationContext, AsyncCallback asyncCallback, Object asyncState)
at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustServiceContract.BeginProcessCore(Message requestMessage, WSTrustRequestSerializer requestSerializer, WSTrustResponseSerializer responseSerializer, String requestAction, String responseAction, String
trustNamespace, AsyncCallback callback, Object state)
System.IdentityModel.Tokens.SecurityTokenValidationException: ID4070: The X.509 certificate 'CN=Me, OU=People, O=acme., C=com' chain building
failed. The certificate that was used has a trust chain that cannot be verified. Replace the certificate or change the certificateValidationMode. 'A certification chain processed correctly, but one of the CA certificates is not trusted by the policy provider.
at Microsoft.IdentityModel.X509CertificateChain.Build(X509Certificate2 certificate)
at Microsoft.IdentityModel.Tokens.X509NTAuthChainTrustValidator.Validate(X509Certificate2 certificate)
at Microsoft.IdentityModel.Tokens.X509SecurityTokenHandler.ValidateToken(SecurityToken token)
at Microsoft.IdentityModel.Tokens.SecurityTokenElement.GetSubject()
at Microsoft.IdentityServer.Service.SecurityTokenService.MSISSecurityTokenService.GetOnBehalfOfPrincipal(RequestSecurityToken request, IClaimsPrincipal callerPrincipal)
thx
Stef71This is perfectly correct on my case I was not adding the root properly you must add the CA and the ADFS as well, which is twice you can see below my results.
on my case was :
PS C:\Users\administrator.domain> $root = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2("C:\
cer\SP2K10\ad0001.cer")
PS C:\Users\administrator.domain> New-SPTrustedRootAuthority -Name "domain.ad0001" -Certificate $root
Certificate : [Subject]
CN=domain.AD0001CA, DC=domain, DC=com
[Issuer]
CN=domain.AD0001CA, DC=portal, DC=com
[Serial Number]
blablabla
[Not Before]
22/07/2014 11:32:05
[Not After]
22/07/2024 11:42:00
[Thumbprint]
blablabla
Name : domain.ad0001
TypeName : Microsoft.SharePoint.Administration.SPTrustedRootAuthority
DisplayName : domain.ad0001
Id : blablabla
Status : Online
Parent : SPTrustedRootAuthorityManager
Version : 17164
Properties : {}
Farm : SPFarm Name=SharePoint_Config
UpgradedPersistedProperties : {}
PS C:\Users\administrator.domain> $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2("C:\
cer\SP2K10\ADFS_Signing.cer")
PS C:\Users\administrator.domain> New-SPTrustedRootAuthority -Name "Token Signing Cert" -Certificate $cert
Certificate : [Subject]
CN=ADFS Signing - adfs.domain
[Issuer]
CN=ADFS Signing - adfs.domain
[Serial Number]
blablabla
[Not Before]
23/07/2014 07:14:03
[Not After]
23/07/2015 07:14:03
[Thumbprint]
blablabla
Name : Token Signing Cert
TypeName : Microsoft.SharePoint.Administration.SPTrustedRootAuthority
DisplayName : Token Signing Cert
Id : blablabla
Status : Online
Parent : SPTrustedRootAuthorityManager
Version : 17184
Properties : {}
Farm : SPFarm Name=SharePoint_Config
UpgradedPersistedProperties : {}
PS C:\Users\administrator.PORTAL> -
ACS 5.3 Dot1x for Wired/Wireless
Hi Community,
I have a query regarding ACS 5.3 installation. I have wired and wireless clients in my setup, with Nexus 5k and 45k Switches and WLC-5508. Also we are using MicroSoft AD to authenticate clients for Network access.
My questions are
1. Can we configure dot1x in this scenario to use Password only (no certificates needed at all)? OR we must need certificates in order to config it perfectly (like AD and ACS synch issues etc)?
2. If Yes can someone point out to any good docs that can help ?
Regards,
HammadHi Jatin,
Thanks for the tips earlier. However I installed ACS 5.4 and then configure the server from scratch.
I am getting MAB as well as Dot1X authentication. But for two different users getting two different results for DOT1X, Wondering why is this happening? is it a ACS/Switch config issue or is it related to AD?
I am finding one user is getting perfectly authenticated while the Other is showing "Authorization failed" yet still able to access the NW.
#$cation sessions interface tenGigabitEthernet 1/1/12
Interface: TenGigabitEthernet1/1/12
MAC Address: 28d2.4421.109c
IP Address: 10.160.193.100
User-Name: ABC\shuser
Status: Authz Success
Domain: DATA
Security Policy: Should Secure
Security Status: Unsecure
Oper host mode: multi-auth
Oper control dir: both
Authorized By: Authentication Server
Vlan Policy: N/A
ACS ACL: xACSACLx-IP-SSH-PERMIT-ALL-5270ce52
Session timeout: N/A
Idle timeout: N/A
Common Session ID: 0AA000010000010548A006AC
Acct Session ID: 0x000007A4
Handle: 0xA1000106
Runnable methods list:
Method State
dot1x Authc Success
CS01#
CS01#
CS01#$cation sessions interface tenGigabitEthernet 1/1/12
Interface: TenGigabitEthernet1/1/12
MAC Address: 28d2.4421.109c
IP Address: 10.160.193.100
User-Name: host/TESTPC01.sportshub.com.sg
Status: Authz Failed
Domain: DATA
Security Policy: Should Secure
Security Status: Unsecure
Oper host mode: multi-auth
Oper control dir: both
Authorized By: Authentication Server
Vlan Policy: N/A
Session timeout: N/A
Idle timeout: N/A
Common Session ID: 0AA000010000010648A11C04
Acct Session ID: 0x000007AD
Handle: 0x61000107
Runnable methods list:
Method State
dot1x Authc Success
================================
SWITCH PORT CONFIG:
int ten1/1/9
switchport mode access
dot1x pae authenticator
dot1x port-control auto
authentication host-mode multi-auth
authentication violation restrict
dot1x timeout tx-period 10
dot1x timeout quiet-period 20
authentication timer reauthenticate server
dot1x max-reauth-req 3
Regards,
Hammad -
HI
I have installed acs se for peap authenetication in a wireless network .
however when i install the acs se it shows me 2 profiles (self and deliverance) after initial config in the aaa server window of network configuration .
The name of the default server is delivernace and its ip is 169.x.x.x which is the default nic ip as u can check it out during the initial startup configuration.
Pls help me to get this fixedHi.
The name of the ACS SE listed in AAA Server section is "self".
http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.1/user/NetCfg.html#wp341780
"In ACS SE, the name of the machine is listed as self."
"deliverance1" is the default ACS SE name(hostname).
Sometimes what happens is, even if we have ACS SE connected to Netowork during initial configuration. And we change the name of the ACS SE from "deliverance1" to something that we want. After changes has been made, on ACS SE, it comes back, and shows the ip 169.x.x.x associated with the new hostname.
NOTE: I am considering that during initial configuration ACS SE was connected to network. If not, then this is supposed to happen.
In order to correct this issue, follow following steps:
[1] On ACS hardware/appliance go to,
Reports and Activity > Appliance Status Page >
From "NIC Configuration", copy the IP address of the ACS SE.
Interface Configuration > Advanced Options > check "Distributed System Settings" > Submit.
Network Configuration > under "AAA Servers" > Search > type the IP address of the ACS hardware/appliance > Search.
Note down the "Name" against the Ip address of the ACS SE.
Now go to, Network Configuration > under "Proxy Distribution Table" > (Default) > make sure that the name that appeared against the Ip address of the ACS Hardware/appliance is in "Forward To" Column, If it is not, move it , and move all other entries under "AAA Servers" column and press "Submit + Restart"
And delete the entry from the AAA Server section, that is associated with IP address 169.x.x.x
[2] Now, if you do not want the name that is shown in the Proxy Distribution Table, and want the one that is there in the section,
System configuration > Appliance Configuration... Hostname section, associated with the correct IP address. Then do this,
Establish Serial Console connection to ACS SE,
Issue the command "set hostname " and then reboot the ACS SE by command, "reboot".
[3] Once ACS SE is backup, go to, Network Configuration > under "Proxy Distribution Table" > (Default) > And make sure that the new name is in "Forward To" Column > Submit + Restart.
Now, the correct IP address will be associated with the correct hostname.
Regards.
Prem -
Been fighting ACS upgrade issues since we upgraded to R2. Every night the ACS service fails. When I start it back up I get the following error.
It looks like the DbCreatePartition.sql and/or DbDeletePartition.sql scripts are not running as we have a lot of views prefixed dvAll, dvAll5, etc. but no actual view of this name as is supposed to be and reports for user activity are throwing an error.
I have done everything I can find on the blogs, but nothing is helping. We have almost a terabyte of data in this database and reinstalling a new database is 99% out of the question.
I dont know if its permission related or not, but I am up to here with this ACS server.
Any help would be great, thank you
Warm Fuzzies!Hi,
If Event 4618 is logged when the updating process sets permissions on certain stored procedures.
You can safely ignore event 4618 in this scenario.
Here is more details, please refer to the below link:
Event 4618 is logged when you use the AdtSetup.exe program to update an Audit Collection Services installation in System Center Operations Manager 2007
http://support.microsoft.com/kb/949452/en-us
And if the event indecate logon failed, then the below article could be helpful:
http://blogs.technet.com/b/jonathanalmquist/archive/2008/03/13/adtserver-event-id-4618-logon-failed.aspx
AdtServer Event ID 4618 - Logon Failed
Regards,
Yan Li
Regards, Yan Li
Maybe you are looking for
-
How do i apply a background track to some slides
I want to add a background track to my project but dont want it to play on the first slide. How do i do that?
-
Language conversion for the sharepoint content in sharepoint in sharepoint 2013
Hi Everyone, I have installed language pack such as Portugese and Hindi. Every site is converted to their respective language as per browser language settings. But content in a sharepoint page like artice page, remains in english only. Please help me
-
My first bill is not what I was told
My first bill was not $75 (as I had been led to believe) for monthly service but $77 plus $40 dollars for a variety of other extra charges. The $40 dollar charges were not explained and I could not get a real detail list of them on my first bill. T
-
Users get stored in CApital case
Hi, We have installed SAP Netweaver 2004s server (J2EE + ABAP) on AIX box . We have also installed the Enterprise portal. Now if i create a user say "testuser" form the Portal it gets stored as capital "TESTUSER" in the ABAP database. my question are
-
Please, please, please can we have smilies on the N80? I appreciate that it is a buiness phone, but when did this ever stop me. PLEASE can we have them on the next firmware update. Thanking you in anticipation.