Error ACS 5-4-0-46-3

Hi friend:
Some times my web broser show me an error message in  ACS 5.4
could you help me ?
I had attached the picture.
Best regard,
Marco

Upon pressing F5 user notifies with alert  "F5 is disabled" along with following reasons(as separate alert you attached)
CSCuf93782    ACS 5.4 F5 or Refresh causes window freeze
I would suggest not to refresh ACS pages using F5 but by clicking again on a specific url/menu.
Jatin Katyal
- Do rate helpful posts -

Similar Messages

  • ACS Server: External Authentication configuration error

    Hi ALL
    I have installed the ACS server and configure properly and it works fine.
    But whenever i restart the machine, following error message appears on the external database configuration wizard.
    External Authentication Configuration Error
    ACS has encountered a problem while attempting to process your request. This could be due to one of the following:
    An incorrect installation or configuration of the third-party DLLs required to support this External Database
    A corrupt ACS configuration
    So after i found this error, i just restart all the seven services and every things works fine.
    I always encountered the same error message after restarting the machine each time.
    Can any body recomend the solution or can help me to resolve the issue.
    Thanks

    Hi,
    Please try the following workaround.
    1. Go to Start > Programs > Administrative Tools > Services.
    2. Stop the following services in the following order.
    CSAuth
    CSDbSync
    CSLog
    CSMon
    CSRadius
    CSTacacs
    CSAdmin
    3. After stopping the following services, start them all again in the following order.
    CSAdmin
    CSAuth
    CSDbSync
    CSLog
    CSMon
    CSRadius
    CSTacacs
    Please let me know if this was able to help.
    If the above doesn't help, please reinstall the ACS as the dll files that are being used
    by the ACS have been corrupted, before uninstalling and reinstalling, do take a
    backup of ACS server database from System Configuration > ACS backup > Backup Now.
    Also make sure that the ACS is installed on the default drive.
    tnx
    somishra

  • ACS error issue

    Hi All
    My customer is having a strange issue with his ACS.
    the current error is as follows
    ShellProfile,12/03/2012,13:18:26:709,ERROR,3058101152,NIL-CONTEXT,DeviceAttrFactory::createAttrValue with marker
    = *,DeviceAttrFactory.cpp:29
    Also when he tries to create show run he gets the following error however, the config does get created.
    % Error: acs manifest has no TAC information
    before I run to the TAC, has anyone experienced this, i was not able to find anything on the net, not even spam link
    Absolutely 0
    thanks in advance
    lancellot

    Aamir,
    I'm sure you've got this resolved still adding my inputs in case someone else facing the same issue.
    The reason why you're seeing this error message
    22043  Current Identity Store does not support the  authentication method
    because LDAP doesn't support PEAP-MSCHAPv2. It only supports PAP in non-EAP requests and EAP-TLS, EAP-GTC and PEAP-GTC in EAP requests.
    http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.2/user/guide
    /eap_pap_phase.html#wp1014889
    If you can't change the EAP flavor in your network, then you can migrate to Active directory as it supports peap-mschapv2.
    ~BR
    Jatin Katyal
    **Do rate helpful posts**

  • ACS 4.1 replication error

    Hi netPro,
    when i start the replication that's an error ,
    ACS Internal Database Replication Errors
    Number Error
    1 'User and Group Database' and 'Group Database' cannot be replicated together
    what does it means ?
    thanks.
    regards,
    Jack

    Hi Jack,
    Under database replication components, either select "user and group database" or "group database only"..You can't have both selected, as first option include the other..
    regards
    Hamid

  • ACS 4.2 replication issue

    We recently upgraded to ACS 4.2. All works perfectly except for replication. I now receive an error
    ACS Internal Database Replication Errors
    1.To disable receiving of EAP-FAST replication component, "EAP-FAST master server" must be enabled on "Global Authentication Setup" page
    We are not using EAP-FAST and it doen't appear to be enabled. EAP-FAST is not checked to replicate.

    I looked at that when I first got the issue. It saya that the server is Master. If I tick the box nothing changes and when I go back to that "Global Authentication" page the box is no longer ticked. The issue is the same on both the Primary Server and the Backup Server.

  • ACS Replication Issue

    Yesterday we had two ACS 4.0 servers installed on Windows 2000 Domain Controllers that were working great. ACS1 was the primary server and replication was configured to send to ACS2. ACS2 replication was configured to receive from ACS1.
    We lost ACS2 yesterday so I installed ACS 4 on a 2003 Domain Controller (ACS3). I installed ACS3, went into network configuration and added ACS1 as an AAA server.
    I then logged onto ACS1 and added ACS3 as an AAA server and configured ACS3 as a replication partner.
    It is not replicating - if I look at the log I get
    ERROR, ACS 'ACS3' has denied replication request
    I do not have the primary as a replication on the secondary.
    I have some screen shots of the configuration from ACS2 and I've duplicated everything I've could (except for name and IP).
    Any ideas on what I can try next?

    I had what seems to be the same issue.
    In my case I have two ACS SE 1113 appliances, but the issue could still be the same with your Windows servers.
    The appliance has two NIC's - I had both of the NIC's connected. Although the appliance only allows you to use the Primary NIC (the bottom one) ACS still detected the Secondary NIC and creates an additional "AAA Server" entry under the "Network Configuration" tab called "self". You should only have one "self" entry in your AAA Server list, not two.
    Unfortunately I couldn't find a way to undo this. So I disconnected the Secondary NIC (the top one) and used the recovery CD to reload both of my ACS devices. Now everything works just fine.
    - Nate

  • ACS 'SERVER has denied replication request

    Trying to replicate 2 ACS servers and I get the follwing error.
    ACS 'Server' has denied replication request
    10/30/2007 22:09:49 INFO Outbound replication cycle completed
    10/30/2007 22:09:49 ERROR ACS 'Server' has denied replication request
    10/30/2007 22:09:48 INFO Outbound replication cycle starting...
    ANY HELP out there this late please?

    Further adding to somishra suggestion,
    ) Make sure that you are not replicating over NAT. Replication over NAT does not work
    because the IP is used as part of the server authentication
    2) Next, check to make sure that you are not sending or receiving the distribution table.
    On the primary server, the distribution table should not be checked in the send list, and
    on the secondary, the distribution table should not be checked for receive.
    3) Then I would like you to check in the secondary server's partner list, to make sure
    that the primary is not listed. You should not enter the primary server into the partner
    list on the secondary server. However, the primary server should have all secondary
    servers listed in its partner list.
    4) Ensure that the secondary server has it's replication scheduling set to "manual".
    5) Please verify that your servers are all running exactly the same ACS version and build.
    6) Also let me know if we have any firewall in between two acs servers.
    Regards,
    ~JG

  • 802.1x and MS IAS and Nortel IP phone

    hi,
    i have setup 802.1x MS IAS. All seems to work fine when i am using a plain pc connection to switch but the moment IP phone is involved i start facing issues.
    I am using cisco 3750 switch with version 12.2(25)SEB4
    dhcp server is on windows which is on a different network i.e. 10.50.1.9
    dhcp relay agent is defined on firewall subinterces
    All works when phone is not involved. BTW i am using Nortel IP phone
    when the phone is plugged and cable is throug the phone, i provide the user name and credentials and also when i say show vlan on switch i can see i am aprt of corrent vlan but i do not get an ip address.
    This is the error i get on switch when is said debug radius:
    pls find two attachments of debug dot1x events and radius.
    pls help
    Regards
    AI

    Hi Adil,
    I'm testing with a Catalyst 3560 running IOS version 12.2(44)SE2.
    I have a Nortel-LG IP phone which does not have 802.1x supplicant.
    I tried configuring MDA on the switchport and use MAB to authenticate the phone.
    My questions:
    1. In the ACS, I created a group for the IP phone and specify "device-traffic-class=voice" as the cisco-av-pair. Is this what I should be doing for a non-Cisco phone?
    2. I know the phone's MAC address is 00-40-5A-17-C6-30. I created a user 00405a17c630 (password is also 00405a17c630) and assign it to the IP phone group I created above. Is this correct?
    My testing wasn't successful. I got the following output:
    Switch#sh dot1x int f0/48 de
    Dot1x Info for FastEthernet0/48
    PAE = AUTHENTICATOR
    PortControl = AUTO
    ControlDirection = Both
    HostMode = MULTI_DOMAIN
    Violation Mode = PROTECT
    ReAuthentication = Disabled
    QuietPeriod = 60
    ServerTimeout = 30
    SuppTimeout = 30
    ReAuthPeriod = 3600 (Locally configured)
    ReAuthMax = 2
    MaxReq = 2
    TxPeriod = 30
    RateLimitPeriod = 0
    Mac-Auth-Bypass = Enabled
    Inactivity Timeout = None
    Guest-Vlan = 999
    Dot1x Authenticator Client List
    Domain = UNKNOWN
    Supplicant = 0040.5a17.c630
    Auth SM State = AUTHENTICATING
    Auth BEND SM State = REQUEST
    Port Status = UNAUTHORIZED
    Authentication Method = Dot1x
    Domain = UNKNOWN
    Port Status = UNAUTHORIZED
    My switch config is as follows:
    aaa new-model
    aaa authentication dot1x default group radius
    dot1x system-auth-control
    radius-server host 1.1.1.1 auth-port 1645 acct-port 1646 key cisco123
    radius-server source-ports 1645-1646
    radius-server vsa send authentication
    interface FastEthernet0/48
    description *** 802.1x Test Port ***
    switchport access vlan 70
    switchport mode access
    switchport voice vlan 71
    no snmp trap link-status
    dot1x mac-auth-bypass
    dot1x pae authenticator
    dot1x port-control auto
    dot1x host-mode multi-domain
    dot1x violation-mode protect
    dot1x guest-vlan 999
    spanning-tree portfast
    In the ACS' Failed Attempts logs, I saw entries for:
    User-Name = 00405a17c630
    Group-Name = IP_Phone_Test_Group
    Caller-ID = 00-40-5A-17-C6-30
    Authen-Failure-Code = Internal error
    ACS version is 4.1.
    what am I missing? Please advise.
    Thank you.
    B.Rgds,
    Lim TS

  • Replication overwrites the AAA servers table in the secondary server

    Hi,
    I've configured two ACS servers with replication but i noticed that when the replication takes place it overwrites the AAA servers table configured in the network configuration of the secondary server and that makes the next replication to fail because the two servers have the same configuration of AAA servers, if i uncheck the "Network Configuration Device tables" and the "Network Access Profiles" from the "Database Replication Setup" wich includes the AAA servers table I also missed the replication of the new network devices that are added in the master server.
    Do you know how can i exclude only the AAA servers table from the replication??
    Other thing is that I configured the Outbound replication as "Automatically triggered cascade", I'm not sure if this means that at the exactly moment that there is a change on the primary server it will replicate it to the secondary???? because if that is the case it is not doing it.
    Thanks in advance for your help

    Hi,
    I understand, thanks alot for making that clear!.
    I now have another situation and i was wondering if you can help me, i made some changes in the AAA servers trying to solve this situation but i wasn't able to, so i leave again the servers in the same way that they were configured by the time the replication was working but now it is not, in the master server i get this message:
    ERROR ACS 'LACSLVBCDVAS007' has denied replication request
    and in the second server i get this:
    ERROR Inbound database replication from ACS 'lacslvbcpvas011' denied - shared secret mismatch
    I've checked the same key configured for both and are the same, i've deleted the AAA servers and the configure them again, restart the services but the problem remains, dou you have any idea what this could be??
    Thanks in advance for your help.
    Best Regards,

  • RDBMS Synchronization with a .CSV file

    Good morning. I am trying to create a testable .csv file that I can import into our ACS on a prescheduled basis.
    Here are my questions about this process:
    1. Do I need to use the PASS_Expire action or is there a STOP_DATE? I have looked at the codes and didn't really see one.
    2. Is there a way that I can extract a copy of the dump.txt or get my actual database exported to a different system?
    3. What are the group's recommendations on synchronization? Are there some lesson's learned I should look out for?
    Thanks
    Dwane

    can you help me add vendor UDV and attributs to ACS.
    I tried it it showing me UDV, but getting a error RDBMS report for one attribut.
    when v3 is integer
    Error: ACS 'ACS_A1' Action failed [SI=6 A=352 UN="" GN="" AI="" VN="Login-Service" V1="2011" V2="10" V3="integer"] Reason: UDV VSA error - User Defined Vendor/VSA operation failed (VSA name not unique)
    when v3 is string
    Error: ACS 'rdevid-4eafe3cf' Action failed [SI=6 A=352 UN="" GN="" AI="" VN="Login-Service" V1="2011" V2="7" V3="string"] Reason: UDV VSA error - User Defined Vendor/VSA operation failed (VSA name not unique)
    actually i am doing it for H3c.dct  it is for 3com.
    Below is the file which i used.
    SequenceId,Priority,UserName,GroupName,Action,ValueName,Value1,Value2,Value3,DateTime,MessageNo,ComputerNames,AppId,Status
    1,0,,,350,3COM-H3C,AUTO_ASSIGN_SLOT,2011,,,,,,0
    2,0,,,352,h3c-User-Access-Level,2011,26,integer,,,,,0
    3,0,,,352,Administrator,2011,3,string,,,,,0
    4,0,,,352,Manager-(write),2011,2,string,,,,,0
    5,0,,,352,Monitor-(read),2011,1,string,,,,,0
    6,0,,,352,Login-Service,2011,5,string,,,,,0
    7,0,,,352,SSH,2011,50,string,,,,,0
    8,0,,,352,Terminal,2011,52,string,,,,,0
    9,0,,,353,,2011,221,IN OUT,,,,,0
    10,0,,,355,,,,,,,,,0
    Also please let me know how can delete the UDV if i want to. i tried procedure mentioned in user guide but failed.

  • ACS 5.3 - Error when changing Device group or Location

    I am trying to move a device from the Default location to a sub group and get the following message when I try (either with IE or Firefox)
    This System Failure occurred: Index : 0, Size: 0. Your changes have not been saved. Click OK to return to the list page.
    it also gives me the same error if I try and change the Device type from default to a sub group. I'm sure I could do this previously. The ACS build is (VMWARE install):
    Cisco Application Deployment Engine OS Release: 1.2
    ADE-OS Build Version: 1.2.0.228
    ADE-OS System Architecture: i386
    Copyright (c) 2005-2009 by Cisco Systems, Inc.
    All rights reserved.
    Hostname: ACS1
    Version information of installed applications
    Cisco ACS VERSION INFORMATION
    Version : 5.3.0.40
    Internal Build ID : B.839
    I'm suspecting it a read/write issue with the database or a database corruption. Can anyone enlighten me on how to fix it please ?
    I have stopped and started the application acs via the console and show application status acs has the following to say about itself.
    ACS1/admin# show application status acs
    ACS role: PRIMARY
    Process 'database'                  running
    Process 'management'                running
    Process 'runtime'                   running
    Process 'view-database'             running
    Process 'view-jobmanager'           running
    Process 'view-alertmanager'         running
    Process 'view-collector'            running
    Process 'view-logprocessor'         running
    Mel

    Does this happen to small number of network devices or the whole set
    If the former then I found the following CDETS
    CSCtw59271    Random Network Device corruption after upgrade from ACS 5.2 to 5.3
    Which includes the following workaround
    Symptom 1: Delete and re-add the AAA client
    Symptom 2:Modify the TACACS+ shared secret of the Network Device, re-enter the same key and save the Network device.
    >>>> Use case where TACACS+ was used
    There are some important fixes related to upgrade issues in patch 5 and later for ACS 5.3. While these do not relate to NDs I do recommend installing this patch

  • ACS 5.3 incremental backup error

    Hi ,
    I have ACS 5.3 that recently having problems with the incremental backup.
    The error is : on demand back failed
    and the details is: SQL Anywhere backup utility connection error: insufficient system resources- failed  to allocate a SYSV semphorenull .
    I mean come on.... and I did not find this error on cisco website.
    The ADE.log file is not showing errors/details related to this. Atttached are the files showing the errors
    Have anyone faced this problem before? Ideas? Anything?
    Regards,
    George

    Hi George:
    with 5.3 I experienced many issues including the incremental backup does not work. whenever I set it to "ON" next time the scheduled backup comes It fails and set itself back to "Off'. I did not get same message you get though.
    I finally did two things:
    - upgraded to latest patch.
    - moved the log collector from the primary to the secondary.
    Now things are fine for about 1 month without issues.
    Regarding your issue, I think it could be related to resource issue as mentioned in the message.
    What is the current DB size that you have?
    Note that the message is misleading (messages I got with my ACS are the same) because they mention incremental backup in the message title and then say on-demand full backup failed!
    So, you have to specify yourself if the issue with the incremental backup or the full backup?
    HTH
    Amjad
    Rating useful replies is more useful than saying "Thank you"

  • "24427 Access to Active Directory failed" error in ACS 5.1

    Hello,
    I'm working on implementing a RADIUS authentication for wireless access with the following :
    - PCs running Windows 7, protocol used is PEAP (without validating the server certificate to make it simple at first),
    - AP 1252  configured to use a RADIUS server to authenticate (it's working good with an ACS server 4.2),
    - ACS Server 5.1.0.44.5 running as VM connected to an AD domain and working good with VPN connections,
    - AD domain running on Windows 2003 Server.
    My ACS VM is working good since a couple of months for VPN (RADIUS) and administration (TACACS) remote access, both using Active Directory. Now, I'd like to use it to authenticate people connecting to a 1252 Cisco access point but I'm getting this error "24427 Access to Active Directory failed". I switched from PEAP to LEAP but this is the same.
    All I can get running the expert troubleshoot
    Investigating failure code: 24427 Access to Active Directory failed
    Checking if Active Directory is configured
    Active Directory is configured
    Attempting connection to Active Directory
    Connection to Active Directory was successful.
    Troubleshooting completed.
    Click on Show Results Summary to view results.
    I followed this guide, at least for the ACS certificate section :
    http://www.cisco.com/en/US/products/ps10315/products_configuration_example09186a0080b4cdb9.shtml
    Anyone has an idea where the problem may come from?
    Thanks in advance,
    Vincent

    hey there, I ran into the same issue with 5.3 and it turned out being this bug. i came across your post looking for instructions on retrieving the logs. thanks mate.
    link
    Problem: Error "24495 Active Directory servers are not available"
    Authentication starts failing with this error: 24495 Active Directory servers are not available. in the ACS 5.3 logs.
    Solution
    Check the ACSADAgent.log file through the CLI of the ACS 5.x for messages such as:Mar 11 00:06:06 xlpacs01 adclient[30401]: INFO base.bind.healing Lost connection to xxxxxxxx. Running in disconnected mode: unlatch. If you see the Running in disconnected mode: unlatch error message, this means the ACS 5.3 cannot maintain a stable connection with Active Directory. The workaround is to either switch to LDAP or downgrade the ACS to 5.2 version. Refer to Cisco bug ID CSCtx71254 (registered customers only) for more information.

  • ACS 5 : 24463 Internal error in the ACS Active Directory

    I am configuring ACS 5.
    I have group in AD created. There is 2 users in the group. Usera are from different OUs.
    One user get authenticated.
    The other failing to get trough authentication with following error:
    24463 Internal error in the ACS Active Directory
    Could anybody help?
    P.S. I have something to add.
    It works for some users and does not for others. I have created new user and it worked.
    So it looks it is sometjing in user properties of groups it belongs to.

    This is Bug
    CSCsx94072

  • Error Message in ACS Logs

    I'm using ACS V4.2 to authenticate wireless users using EAP-TLS. I get the following error message in my logs for some users. Anyone have any idea what it means?
    AUTH 02/16/2009 11:10:16 I 2310 2008 0x277 External DB [NTAuthenDLL.dll]: Insufficient space for all of user [email protected] certificates
    AUTH 02/16/2009 11:10:16 I 2355 2008 0x277 External DB [NTAuthenDLL.dll]: User '[email protected]' was found [ADS]

    This isn't supposed to be an error message, but rather an informational message.
    Do you see any Failed authentication attempts when this message showed
    up?

Maybe you are looking for

  • Cracked macbook pro screen repair

    Accidentally stepped on my 13" macbook pro that was on the floor and it cracked the right side of my screen, how much would it cost to repair/replace?

  • Itunes will not open in xp pro

    I am trying to install Itunes on a new computer everything looks ok until I get a message itunes encountered a problem and needs to close I have removed and reinstalled ihave turned off all firewalls and spyware stuff and i still can't get it to work

  • Polygonal Lasso Tool problem report

    Hi, After I have updated my MAC OS X Mavericks this morning my Polygonal Lasso tool started to work funny, it jumps and auto closes, I can't use it anymore. Before that I never had any problem with the polygonal lasso tool and was able to cut any sha

  • Adobe DNG Converter 7.4

    I downloaded Adobe DNG Converter 7.4 to upgrade Elements 10 to accept RAW files from my Nikon D7100 but it won't. The reason given is: The file format is damaged or is in a format that cannot be included in Elements Organizer. It does accept jpg file

  • Spry confusion and files

    Hi, I am very new to all of this and have some really cool ideas for my website. anyhow, I have come across a number of problems. Firstly, from having no idea what so ever, I downloaded an example page from adobe. Tried to replicate the bulk of it, w