ISE admin account recovery failure

Similar Messages

• Unity Connection 8.5.1 ES 16 web admin account recovery

  Hello,
  I have a client with a Unity Connection 8.5.1 ES16 version and they lost access to the Unity Admin web page.
  I tried the steps to recover the password but it is failing, and the account doesn't seem to exist anymore.. I did a SQL query I found on another post here and it did not list this account anymore in the nonsubscriber querry, I also tried the utils cuc reset password command on the account several times with several passwords that matched the password criteria and they always failed resetting the password.
  So I found another post and it had other query to use nonsubscriber account and use that, I managed o log in to the unity admin page with account called "UnityConnection" but it saids "Not Authorized" for all functions.
  How do I add rights to the UnityConnection user or create another web admin account from SSH/CLI? I'm thinking I need to engage TAC in the morning and have them gain root access to fix this up. I did find a few bug ids on this but the workarounds don't work either and those were for 7.1.x.
  Thanks, Erick

  I was hoping not to have a Nested ESXi setup, initially I started to setup my Lab machine as a Bare Metal ESXi host, the free ESXi vsphere client has a 6 Core Limit per CPU and I have 2 CPU's with 8 Core's each and was not happy to lose 2 Cores per CPU as a limitation, so I read up and tried ESXi 5.0 which really messed up things for me, after ESXi 5.0 install My system started to act up and would boot up and sit at a Blinking Cursor forever, spent a week researching and gave up when I tried installing 4.1 again only to find out 4.1 would work either ! sucked real bad and I guess I just decided to give Workstation a try, minor glitches, But I will give it a try and setup a nested ESXi within my workstation, I know it has something to do with the OVA template and the Hardware specs that Unity Connection looks for, crazy thing is Unity Connection Works right now, I just have to start Tomcat manually everytime I boot up my lab system. Will keep looking for answers will I try the nested setup - Thanks Matt

• ISE password expiration for Admin account issue

  OK .. we have been working on getting ISE up and running for a little while now and I have come across an odd and reoccurring issue with my admin accounts. I cannot figure out if there is something that we have missed in the setup or if there is and actual issue with the password policies. It seems that there is a "user" type password policy and then there is an "admin" type policy and am trying ti figure out if they are stepping on each other or something. I am running version 1.2.0.899 with patch 5,1.
  Here is the issue. I have started receiving password expiration reminders for the two admin accounts I have setup on the cluster. I have my address setup for an admin user named "admin" and an admin user named "wberry" and I receive two different e-mails for both accounts. The issue that I have is the dates listed in the e-mails. This is one e-mail that I get:
  The password for your local admin "wberry" is expiring on Mon Jun 01 09:43:03 CDT 2015. Please update immediately, by going to https://mem7700.spd.mli.corp/admin, signing-in, and clicking on the user name at the upper right corner.
  This is the second email that I get for the same account:
  Your network access password will expire on Thu Dec 03 08:43:03 CST 2015. Please contact your system administrator for assistance .
  As you can see the dates in the two messages are completely different. My admin policy is set with expired 180 days after creation and last change and the reminder is set to 10 days prior to expiration. The user password policy lifetime is also 365 days if password not changed with the reminder after 355 days. 
  Thoughts / recommendations.
  Brent

  Here you go:
  http://www.cisco.com/en/US/docs/app_ntwk_services/data_center_app_services/application_networking_manager/4.1/user/guide/UG_over.html#wp1053919
  In fact, to reset the password, you must choose the change password option before you login the GUI.
  Cheers,
  Dom.

• Can I default the Admin account of an ACS SE without a recovery CD

  Hi - I have an ACS soultion engine 1111. I've been using it mess around with but now need to return it to stock so need to default it and get rid of the admin account. A TAC engineer has told me I can do this from the CLI but hasn't said exactly how.
  Is it possible to return the device to factory defaults from the CLI or do I have to get hold of a recovery CD? The device is running 4.1
  Many Thanks in advance
  Dom

  You can not reset the configuration to default in the ACS SE. It's required to use the recovery CD to re-image the Appliance.
  When using the commands or the recovery CD:
  Attach a DB-9 to RJ-45 adapter to the serial port of the console.
  Set your terminal emulation communication software to operate with the following settings:
  •Baud = 115200
  •Databits = 8
  •Parity = N
  •Stops = 1
  •Flow control = None
  •Terminal emulation type = ANSI
  You can not set the password back to "setup":
  ACS_Console> set admin
  Enter old password:
  Enter new account name: administrator
  Enter new password:
  Reenter new password:
  Error: Password must be at least 6 characters long.
  Does not contain all or part of the user's account name.
  Contains characters from three of the following four categories:
  * English upper case characters (A..Z)
  * English lower case characters (a..z)
  * Base 10 digits (0..9)
  * Nonalphanumeric (For example, !,$#,)
  If you provide the new guy the current user/password, he could reset it using these commands:
  - To set the name of the ACS SE administrator, use the set admin command:
  set admin [administratorname]
  - To set the ACS SE administrator's password, use the set password command.
  If not, he would also need the Recovery CD to reset the password.

• FileVault 2 failure - more than one admin account

  New rMBP 15" with 10.8.2, used Migration Assistant from a 10.6.8 boot.  Very happy with it, and have been using it for a few days.
  Decided to enable filevault 2 to encrypt my boot drive.  I enabled it, rebooted, and then went back to the Security & Privacy system preferences to check the progress, which was stuck with an intdeterminate progress bar.  Waited 30 minutes, no change.   Hmmm.
  Console.log showed continual error message, such as :"11/9/12 6:56:40.155 PM System Preferences[638]: *** -[DMManager conversionProgressForLogicalVolumeDisk:] returned an error; error: -69808 (-[SecurityFDEController _checkFDEEncryptionStatusTimer:])"
  Turns out, I had two admin accounts on this computer, and I had only authorized one of them to unlock the filevault encryption.
  I clicked the button to authorize the 2nd account, and after that the encryption process started working.
  Not very user friendly...posting this in case it helps others...

  Welcome to the discussions. If iWeb's menus are greyed out, the following trick has worked for some:
  In the user account which does not let you start a new page, save, etc. — Quit iWeb. Start iPhoto. Select a couple of photos, click on the iWeb icon at lower right and choose Photo Page. iWeb will open up and invite you to choose a template for your new Photos page. Choose any template so that the page is created and then delete that newly created page.
  ...Now perhaps things are no longer greyed out in iWeb.

• I just purchased a one year old iMac.  How do I create a brand new admin account?

  I just purchased a one year old iMac.  How do I create a brand new admin account?

  The first thing to do with a second-hand computer is to erase the internal drive and install a clean copy of OS X. You—not the original owner—must do that. How you do it depends on the model, and on whether you already own another Mac. If you're not sure of the model, enter the serial number on this page. Then find the model on this page to see what OS version was originally installed.
  It's unsafe, and may be unlawful, to use a computer with software installed by a previous owner.
  1a. If you don't own another Mac
  If the machine shipped with OS X 10.4 or 10.5, you need a boxed and shrink-wrapped retail Snow Leopard (OS X 10.6) installation disc from the Apple Store or a reputable reseller—not from eBay or anything of the kind. If the machine is very old and has less than 1 GB of memory, you'll need to add more in order to install 10.6. Preferably, install as much memory as it can take, according to the technical specifications.
  If the machine shipped with OS X 10.6, you need the installation media that came with it: gray installation discs, or a USB flash drive for a MacBook Air. You should have received those media from the original owner, but if you didn't, order replacements from Apple. A retail disc, or the gray discs from another model, will not work.
  To start up from an optical disc or a flash drive, insert it, then restart the computer and hold down the C key at the startup chime. Release the key when you see the gray Apple logo on the screen.
  If the machine shipped with OS X 10.7 or later, you don't need media. It should start up in Internet Recovery mode when you hold down the key combination option-command-R at the startup chime. Release the keys when you see a spinning globe.
  Some models shipped with OS X 10.6 and received a firmware update after 10.7 was released, enabling them to use Internet Recovery. If you have one of those models, you may not be able to reinstall 10.6 even from the original discs, and Internet Recovery may not work either without the original owner's Apple ID. In that case, contact Apple Support, or take the machine to an Apple Store or another authorized service provider to have the OS installed.
  1b. If you do own another Mac
  If you already own another Mac that was upgraded in the App Store to the version of OS X that you want to install, and if the new Mac is compatible with it, then you can install it. Use Recovery Disk Assistant to prepare a USB device, then start up the new Mac from it by holding down the C key at the startup chime. Alternatively, if you have a Time Machine backup of OS X 10.7.3 or later on an external hard drive (not a Time Capsule or other network device), you can start from that by holding down the option key and selecting it from the row of icons that appears. Note that if your other Mac was never upgraded in the App Store, you can't use this method.
  2. Partition and install OS X
  If you see a lock screen when trying to start up from installation media or in Recovery mode, then a firmware password was set by the previous owner, or the machine was remotely locked via iCloud. You'll either have to contact the owner or take the machine to an Apple Store or another service provider to be unlocked. You may be asked for proof of ownership.
  Launch Disk Utility and select the icon of the internal drive—not any of the volume icons nested beneath it. In the  Partition tab, select the default options: a GUID partition table with one data volume in Mac OS Extended (Journaled) format. This operation will permanently remove all existing data on the drive.
  After partitioning, quit Disk Utility and run the OS X Installer. If you're installing a version of OS X acquired from the App Store, you will need the Apple ID and password that you used. When the installation is done, the system will automatically restart into the Setup Assistant, which will prompt you to transfer the data from another Mac, its backups, or from a Windows computer. If you have any data to transfer, this is usually the best time to do it.
  Then run Software Update and install all available system updates from Apple. To upgrade to a major version of OS X newer than 10.6, get it from the Mac App Store. Note that you can't keep an upgraded version that was installed by the original owner. He or she can't legally transfer it to you, and without the Apple ID you won't be able to update it in Software Update or reinstall, if that becomes necessary. The same goes for any App Store products that the previous owner installed—you have to repurchase them.
  3. Other issues
  If the original owner "accepted" the bundled iLife applications (iPhoto, iMovie, and Garage Band) in the App Store so that he or she could update them, then they're irrevocably linked to that Apple ID and you won't be able to download them without buying them. Reportedly, Mac App Store Customer Service has sometimes issued redemption codes for these apps to second owners who asked.
  If the previous owner didn't deauthorize the computer in the iTunes Store under his Apple ID, you wont be able to  authorize it immediately under your ID. In that case, you'll either have to wait up to 90 days or contact iTunes Support.
  When trying to create a new iCloud account, you might get a failure message: "Account limit reached." Apple imposes a lifetime limit of three iCloud account setups per device. Erasing the device does not reset the limit. You can still use an iCloud account that was created on another device, but you won't be able to create a new one. Contact iCloud Support for more information. The setup limit doesn't apply to Apple ID accounts used for other services, such as the iTunes and Mac App Stores, or iMessage. You can create as many of those accounts as you like.

• Just bought a second hand MacPro early 2008 running Mavericks. How do I reset it to standard deleting previous owner admin account?

  Just bought a second hand MacPro early 2008 running Mavericks. How do I reset it to standard, deleting previous owner admin account?
  The previous owner seems to have cleared most of his stuff but I can't make changes as it's asking for the admin password!
  Is there a way to reset the MacPro back as if I was logging on for the first time so that I can set it up as my computer?

  The first thing to do with a second-hand computer is to erase the internal drive and install a clean copy of OS X. You—not the original owner—must do that. Changes made by Apple over the years have made this seemingly straightforward task very complex.
  How you go about it depends on the model, and on whether you already own another Mac. If you're not sure of the model, enter the serial number onthis page. Then find the model on this page to see what OS version was originally installed.
  It's unsafe, and may be unlawful, to use a computer with software installed by a previous owner.
  1. If you don't own another Mac
  a. If the machine shipped with OS X 10.4 or 10.5, you need a boxed and shrink-wrapped retail Snow Leopard (OS X 10.6) installation disc from theApple Store or a reputable reseller—not from eBay or anything of the kind. If the machine is very old and has less than 1 GB of memory, you'll need to add more in order to install 10.6. Preferably, install as much memory as it can take, according to the technical specifications.
  b. If the machine shipped with OS X 10.6, you need the installation media that came with it: gray installation discs, or a USB flash drive for a MacBook Air. You should have received the media from the original owner, but if you didn't, order replacements from Apple. A retail disc, or the gray discs from another model, will not work.
  To start up from an optical disc or a flash drive, insert it, then restart the computer and hold down the C key at the startup chime. Release the key when you see the gray Apple logo on the screen.
  c. If the machine shipped with OS X 10.7 or later, you don't need media. It should start up in Internet Recovery mode when you hold down the key combination option-command-R at the startup chime. Release the keys when you see a spinning globe.
  d. Some 2010-2011 models shipped with OS X 10.6 and received a firmware update after 10.7 was released, enabling them to use Internet Recovery. If you have one of those models, you can't reinstall 10.6 even from the original media, and Internet Recovery will not work either without the original owner's Apple ID. In that case, contact Apple Support, or take the machine to an Apple Store or another authorized service provider to have the OS installed.
  2. If you do own another Mac
  If you already own another Mac that was upgraded in the App Store to the version of OS X that you want to install, and if the new Mac is compatible with it, then you can install it. Use Recovery Disk Assistant to prepare a USB device, then start up the new Mac from it by holding down the C key at the startup chime. Alternatively, if you have a Time Machine backup of OS X 10.7.3 or later on an external hard drive (not a Time Capsule or other network device), you can start from that by holding down the option key and selecting it from the row of icons that appears. Note that if your other Mac was never upgraded in the App Store, you can't use this method.
  3. Partition and install OS X
  a. If you see a lock screen when trying to start up from installation media or in Recovery mode, then a firmware password was set by the previous owner, or the machine was remotely locked via iCloud. You'll either have to contact the owner or take the machine to an Apple Store or another service provider to be unlocked. You may be asked for proof of ownership.
  b. Launch Disk Utility and select the icon of the internal drive—not any of the volume icons nested beneath it. In the  Partition tab, select the default options: a GUID partition table with one data volume in Mac OS Extended (Journaled) format. This operation will permanently remove all existing data on the drive.
  c. An unusual problem may arise if all the following conditions apply:
            OS X 10.7 or later was installed by the previous owner
            The startup volume was encrypted with FileVault
            You're booted in Recovery mode (that is, not from a 10.6 installation disc)
  In that case, you won't be able to unlock the volume or partition the drive without the FileVault password. Ask for guidance or see this discussion.
  d. After partitioning, quit Disk Utility and run the OS X Installer. If you're installing a version of OS X acquired from the App Store, you will need the Apple ID and password that you used. When the installation is done, the system will automatically restart into the Setup Assistant, which will prompt you to transfer the data from another Mac, its backups, or from a Windows computer. If you have any data to transfer, this is usually the best time to do it.
  e. Run Software Update and install all available system updates from Apple. To upgrade to a major version of OS X newer than 10.6, get it from the Mac App Store. Note that you can't keep an upgraded version that was installed by the original owner. He or she can't legally transfer it to you, and without the Apple ID you won't be able to update it in Software Update or reinstall, if that becomes necessary. The same goes for any App Store products that the previous owner installed—you have to repurchase them.
  4. Other issues
  a. If the original owner "accepted" the bundled iLife applications (iPhoto, iMovie, and Garage Band) in the App Store so that he or she could update them, then they're irrevocably linked to that Apple ID and you won't be able to download them without buying them. Reportedly, Mac App Store Customer Service has sometimes issued redemption codes for these apps to second owners who asked.
  b. If the previous owner didn't deauthorize the computer in the iTunes Store under his Apple ID, you wont be able to  authorize it immediately under your ID. In that case, you'll either have to wait up to 90 days or contact iTunes Support.
  c. When trying to create a new iCloud account, you might get a failure message: "Account limit reached." Apple imposes a lifetime limit of three iCloud account setups per device. Erasing the device does not reset the limit. You can still use an iCloud account that was created on another device, but you won't be able to create a new one. Contact iCloud Support for more information. The setup limit doesn't apply to Apple ID accounts used for other services, such as the iTunes and Mac App Stores, or iMessage. You can create as many of those accounts as you like.

• Changing the Admin Account

  I've been operating under my admin account since I've owned a Mac, and in all that time I've always had two accounts, one the admin, the other named 'Test' as a clean user. In light of the new potential danger of future trojan's and such should I (and am I able to) switch the Admin powers over to the mostly unused Test account and make my main account into a daily user? Or am I stuck with this configuration w/out a complete erase and reinstall?
  Thanks
  Ted

  Yeah, geeze, we're getting ahead of the ball game here. These speculative precautions about viruses cause, as we see, more problems than they solve.
  Instead of changing the way you work (and the way the OS is designed to work), don't mess with the user accounts. If you're the primary user of the computer, work in an admin account -- it's nothing like working as "root" (which is bad), and there are just too many occasions when you need to be an admin that working as a non-admin user is going to cause a big pain.
  The only sensible precaution (in my opinion) is to back up your data. Retrospect Express and blank DVD-R won't cost you much, and they will protect against the myriad failure modes -- not just the unlikely case of a virus.
  Once viruses become a problem inOS X (which, I agree, is inevitable), I have every confidence that Apple, Symantec, and lots of other companies will come up with good solutions. But, at the moment, the threat is slight, and so the demand is light, and therefore the products (and workarounds) are lousy. I don't think there's much virtue in being the first on your block to build a fallout shelter.

• I am unable to change the admin account

  Hello, I'm unable to change my Administrator password.
  Computer model: MacBook Pro (mid 2012), not Retina.
  OS: OS X Mountain Lion.
  There's a network account server in my settings.
  Admin account info: Admin, Managed, Mobile.
  I have tried to change the password via System Settings and via Terminal (passwd command line).
  When I try to change it in the Terminal, it just echoes out "passwd: general failure".

  Oh, okay.
  I was once able to change the password, and then I changed the password of my account in their Microsoft Exchange Server.
  And after that, I was unable to change the password on my Mac.

• I have no Admin account now, and keeps asking me to: Type an administrator's name and password to allow this.

  i've installed the new beta Yosemite. After i found i didnt like it, i decided to return to Mavericks. Now, at the installation process i dont know what happened and now i dont have any admin account. so, the system keeps asking me to Type an administrator's name and password to allow this. and i cant do anything, because i only have an standard and a guest account. How can i make my standard account an admin one. Also, this makes me sick, because i cant install or configure anything.
  ps. i regret about installing Yosemite beta. not good at all
  these are some screenshots
  http://prntscr.com/4ce3nx
  http://prntscr.com/4ce43z

  Do you still have a Recovery partition? To see if you do, hold down the command and R keys whilst booting and erase your boot drive and then reinstall the version of OS X that you last paid for or downloaded.
  Call back if that doesn't work...
  Clinton

• Bricked Lenovo Yoga 3 Pro-1370 due to broken microsoft ecosystem / unrecoverable admin account

  Hi. So now I am here. HELLO EVERYONE! All you friendly and curious troubleshooters. I am frustrated and lost. I will not give you the 14 step Microsoft issue.  But I guarantee this will be one of the more bizarre or interesting problems you have read in a bit.   so tl;dr - my yoga 3 is bricked because the user account switched the administrator to an unrecoverable & disused / non-used outlook.com email account b/c of the MS App store. Their tech has not helped, no recovery has worked at all. I just want to factory reset the hardware at this point, but the software "glitch" needs me to log in to my admin account to factory reset, which is something I can't do.   Way too long of info story:   a) on my lenovo tablet, I had my personal login to sign into my admin profile. I did not use a MS Outlook account at all. In Feb, I signed up w/ a "dummy" outlook.com account for the app store, but never DL anything, and didn't think to realize this account locked me into an ecosystem... I just thought it was a temp email to register, and didn't keep any details. The 1st time it removed my local user account profile from admin, and replaced it with the outlook.com account. I immediately switched it back, that time.   b) 2 weeks ago, I wanted to DL The Economist app. We hadn't used any apps, & again it made me sign in to Microsoft. I signed into my account and DL the app. I believe it signed in with a remembered password, as I don't remember it. It could be one of 15.    c) At this point, microsoft's account removed my personal local lenovo user account, and replaced it with the microsoft outlook.com sign in d) Now, when I try to log in to my tablet, it says "You can't sign into your PC right now. Go to account.live.com to fix the problem, or try the last password you used on this PC". No previous passwords work. This is probably because I tried to sign in a bunch of times under my personal local user account, before realizing it had switched the admin to the outlook.com account. e) I go to account.live.com, and it redirects to login.live.com. When I try to sign in with my outlook.com account, it says "You've tried to sign in too many times with an incorrect email address or password." f) At this point, a captcha comes up, and no matter how many times I solve it correctly, it won't let me sign in. I did get to a point where I see a different type of screen that says my account is locked. g) When I try any form of account recovery, and attempt to have an email or password sent to my secondary recovery email, those emails never arrive in my inbox. h) when I attempt to have a code sent to my phone, I never receive the code. i) the microsoft support number has a phone tree that leads me to a place that tells me to go online to get support. j) When I try to contact customer support, it leads me back to the login in page. So I made *another* MS account for support, and have spent 2 weeks getting copy pasta support about "try password reset", "try text code reset", "try account recovery". I never get the password reset to my recovery email, I never get the text, and the account recovery doesn't work because I never used the email, and don't have enough information like email subject lines, or folders, for them to know the account is mine.... even though it was a throwaway email to use for the ecosystem, and not to use for anything else. I am still 10 tech support messages in with their support team, and they still haven't realized the problem: I DO NOT CARE ABOUT RECOVERING MY OUTLOOK EMAIL, but I do if that's the only way to gain access to my hardware's admin account. I have tried everything, and it doesn't work. I do not care anymore. I just want to factory reset the **bleep** thing, but it needs my password for the admin account to do it. Ain't that the darndest thing? I mean.. think about it! Microsoft's broken ecosystem of account recovery means their software has intrinisically bricked my Yoga 3 and made it unusable. I can still use a sub-account, but it acts all wonky because it wants me to download apps using an outlook account and when I try to sign a new one in, it leads to broken links, etc. If Microsoft's ecosystem doesn't allow for account recovery in any way, how do I take control of my hardware again? I feel frustrated and alone. This was a HUGE purchase for us, and I never thought a software glitch or problem with the ecosystem would brick hardware in this manner. NB: I know I have to take some accountability for not remembering the password, or realizing the ecosystem being a bit rigid and fierce, especially when trying to find back end understanding or support in recovery.... I had no idea, and that's on me. I also know it's not "bricked" IE unusable, per se... but not being able to log in to the admin account, nor make changes, updates, or get into the app store... it's pretty brickish. Thanks for listening. Any help is appreciated. 

  Can you get into the Advanced Startup Options page in any way?
  http://pcsupport.about.com/od/windows-8/a/open-advanced-startup-options-windows-8.htm

• The administrator account on my iMac has been changed to standard account somehow. How do I change it back to Admin. without any admin account to put password in with..?

  I have an iMac 21.5 Intel based comp. running Lion 10.7.3

  Somehow you managed to demote the only admin account, despite the safeguards in place to prevent it. I don't remember ever seeing that before. I'd be curious to know how you did it, and why.
  Option 1
  If you've enabled root logins, log in as root and promote the other user to an admin.
  Option 2
  Boot from your recovery partition (command-R at startup) and restore your system from the last Time Machine snapshot taken before the damage was done, if you know when that was.
  Option 3
  Back up all data, then boot in single-user mode. When the text stops scrolling, follow the prompts to make the boot volume writable. Then enter the following command:
  ls /var/db/.AppleSetupDone
  You should get the following line of output below what you entered:
  /var/db/.AppleSetupDone
  If you do, then very carefully enter the following command:
  rm !$
  Now you should get no output. Then enter
  reboot
  The system will boot into the Setup Assistant, as if you were setting it up for the first time. Create a user with the same name as the old admin user. Log in and test. I'm not sure what will happen to your other user accounts, if any. You may need to recreate them.

• ISE admin , PSN and monitoring node fail-over and fall back scenario

  Hi Experts,
  I have question about ISE failover .
  I have two ISE appliaces in two different location . I am trying to understand the fail-over scenario and fall-back scenario
  I have gone through document as well however still not clear.
  my Primary ISE server would have primary admin role , primary monitoring node and secondary ISE would have secondary admin and secondary monitoring role .
  In case of primary ISE appliance failure , I will have to login into secondary ISE node and make admin role as primary but how about if primary ISE comes back ? what would be scenario ?
  during the primary failure will there any impact with users for authentication ? as far as PSN is available from secondary , it should work ...right ?
  and what is the actual method to promote the secondary ISE admin node to primary ? do i have to even manually make monitoring node role changes ?
  will i have to reboot the secondary ISE after promoting admin role to primary  ?

  We have the same set up across an OTV link and have tested this scenario out multiple times. You don't have to do anything if communication is broken between the prim and secondary nodes. The secondary will automatically start authenticating devices that it is in contact with. If you promote the secondary to primary after the link is broke it will assume the primary role when the link is restored and force the former primary nodes to secondary.

• ISE Guest Account Lockout

  Hi,
  I would like to disable account lockout for ISE Guest accounts resulting from login failures. In the ISE, there is a setting for Maximum Number of Login Attempts (with values from 1-9) in:
          Administration>Guest Management>Settings>Guest>Portal Policy
  Can someone tell me where or how account lockout can be turned off  for Guest accounts in the local database of the ISE/WLC.
  Many thanks.
  Sankung                 

  Answer: No, yet there is not way to completely desable this feature in Cisco ISE   
  ref: http://www.cisco.com/en/US/docs/security/ise/1.1/user_guide/ise_guest_pol.html#wp1070066

• Lightroom - Export error from Admin account

  Lion 10.7.4 MacPro  -  I cannot export from Lightroom 4 in my main Admin account. Lightroom gives me an error message - When I create a new admin account I can export from LR4. It also works on my two laptops. Spent much time with Adobe and it was determined that it was an Apple issue. Can anyone help?
  Thanks,
  JT

  There's one thing you could try that might or might not have an effect. If it doesn't, I have no other suggestions.
  Repairing the permissions of a home folder in Lion is a complicated procedure. I don’t know of a simpler one that always works.
  Back up all data now. Before proceeding, you must be sure you can restore your system to its present state
  Launch the Terminal application in any of the following ways:
  ☞ Enter the first few letters of its name into a Spotlight search. Select it in the results (it should be at the top.)
  ☞ In the Finder, select Go ▹ Utilities from the menu bar, or press the key combination shift-command-U. The application is in the folder that opens.
  ☞ Open LaunchPad. Click Utilities, then Terminal in the page that opens.
  Drag or copy — do not type — the following line into the Terminal window, then press return:
  chmod -R -N ~
  The command will take a noticeable amount of time to run. When a new line ending in a dollar sign ($) appears below what you entered, it’s done. You may see a few error messages about an “invalid argument” while the command is running. You can ignore those. If you get an error message with the words “Permission denied,” enter this:
  sudo !!
  You'll be prompted for your login password, which won't be displayed when you type it. You may get a one-time warning not to screw up.
  Next, boot from your recovery partition by holding down the key combination command-R at startup. Release the keys when you see a gray screen with a spinning dial.
  When the recovery desktop appears, select Utilities ▹ Terminal from the menu bar.
  In the Terminal window, enter “resetpassword” (without the quotes) and press return. A Reset Password window opens. You’re not going to reset the password.
  Select your boot volume if not already selected.
  Select your username from the menu labeled Select the user account if not already selected.
  Under Reset Home Directory Permissions and ACLs, click the Reset button.
  Select  ▹ Restart from the menu bar.