Replication DB problem
I'm under ACS and re-hosting one of our machines in a virtual machine. Since it is our master we are rehosting, I want to first synchronization of the new virtual machine of their physical box.
All services are in place on the VM instance, but the Pb of synchronization does not happen as reported service does not work.
Been looking at the available doc and the likely only cause for that to happen is if there is a FW between the two and to remove small inspection.
There is no FW between each machine, just on different segments. There are other reasons this would happen?
It seems to be a firewall issue. Do you see hits on secondary acs?
If no, it seems to be a firewall problem.
Tags: Cisco Security
Similar Questions
-
ACS appliance 4.2 - database replication internal problem
HelloW
I'm yunchoul jung in Korea
now I'm setting up ACS unit 1113 ver4.2
in internal, primary and secondary database replication server ACS cannot repliacate the database due to the configuration of SELF (127.0.0.1) by default in the configuration of the network.
so I have a guestion, how do I replace 127.0.0.1 address to the ip address you want or delete SELF (127.0.0.1) address
I don't understand a procedure of solution in the documentation below.
Thank you for your help in advance
Problem: 127.0.0.1 is a reserved address
You have two units of the ACS SE 1113 and replicate the database internal from the primary to the secondary.
but you notice this error message in the secondary unit:
Replication of database of ACS
denied - incompatibility of secret shared incoming When you try to change the key of course AAA under Network Configuration Server error message is
returned.
This is due to a known bug,
Symptom: 127.0.0.1 address appears in ACS and the replication fails
Conditions:
Install Acs S/W version 4.2.0.124
Disable the network adapter
Enable network card
* Go to the network settings page.
* Should see the AA server IP to be a return loop
Workaround solution:
For windows: remove the 127.0.0.1 entry
For the device: back up the database, install ACS on windows, restore, delete
the entry, make a backup and restore on the device
Kind regards
~ JG
Note the useful messages
-
Microsoft Out-Of-Band security for December 17, 2008 bulletin
Microsoft Out-Of-Band security for December 17, 2008 bulletin
Microsoft security for December 17, 2008 bulletinPublished: December 9, 2008 | Updated: December 17, 2008
Note: There may be due to replication latency problems, if the page does not keep refreshing
Today Microsoft released the following critical update of band security bulletin
Security bulletin MS08-078 Microsoft - critical
Update of security for Internet Explorer (960714)
Published: 17 December 2008Version: 1.0
General information
Executive summary
This security update addresses a publicly disclosed vulnerability. This vulnerability could allow remote code execution if a user views a Web page specially designed using Internet Explorer. Users whose accounts are configured to have fewer rights user on the system could be less affected than users who operate with administrative user rights.This security update is rated critical for Internet Explorer 5.01, Internet Explorer 6, Internet Explorer 6 Service Pack 1, and Internet Explorer 7. For information about Internet Explorer 8 Beta 2, please refer to the section, frequently asked Questions (FAQ) related to this security update. For more information, see the subsection, software affected and Non-affected, in this section.
Addresses security update, the vulnerability by modifying the way that Internet Explorer validates data binding parameters and handles the error resulting in the exploitable condition. For more information about the vulnerability, see the frequently asked Questions (FAQ) section in the vulnerability information section.
Recommendation. Microsoft recommends that customers apply the update immediately.
Known issues. None
This security update also addresses the vulnerability first described in Microsoft Security Advisory 961051
http://www.Microsoft.com/technet/security/advisory/961051.mspxhttp://www.Microsoft.com/technet/security/bulletin/MS08-078.mspx
A security update for Internet Explorer 7 in Windows Vista x 64 Edition (KB960714)
http://www.Microsoft.com/downloads/details.aspx?FamilyId=69979d92-8d45-47FE-AC4C-c2f1f23cf1fb&displaylang=enNICK ADSL UK
-
For 8 may 2012 Microsoft security bulletin
For 8 may 2012 Microsoft security bulletin
For 8 may 2012 Microsoft security bulletin
Note: There may be due to replication latency problems, if the page does not keep refreshingToday Microsoft released the following security bulletin.
Note: www.microsoft.com/security and www.microsoft.com/technet/security are authorities on questions about the Microsoft Security Bulletins! ANY email, bulletin board or newsgroup posting (including this one) must be verified by visiting these sites for official information. Microsoft never sends security or other updates as an attachment. These updates must be downloaded from microsoft.com or Windows Update Download Center. See the individual bulletins for more details.
Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you type the URL in your web browser physically and do not click on the provided links.
Summary of the bulletin:
http://TechNet.Microsoft.com/en-us/security/bulletin/MS12-may[B] criticism (3) [/ b]
Security bulletin Microsoft MS12-029 - critical
A vulnerability in Microsoft Word could allow Code execution (2680352) remote
Published: Tuesday, may 8, 2012Version: 1.0
http://TechNet.Microsoft.com/en-us/security/bulletin/MS12-029Security bulletin Microsoft MS12-034 - critical
Combined Security Update for Microsoft Office, Windows, .NET Framework, and Silverlight (2681578)
Published: Tuesday, may 8, 2012Version: 1.0
http://TechNet.Microsoft.com/en-us/security/bulletin/MS12-034Microsoft-MS12-035 security bulletin - critical
In .NET Framework vulnerabilities could allow Code execution (2693777) remote
Published: Tuesday, may 8, 2012Version: 1.0
http://TechNet.Microsoft.com/en-us/security/bulletin/MS12-035[B] Important (4) [/ b]
MS12-030 Microsoft security bulletin - Important
Vulnerabilities in Microsoft Office could allow Code execution (2663830) remote
Published: Tuesday, may 8, 2012Version: 1.0
http://TechNet.Microsoft.com/en-us/security/bulletin/MS12-030Microsoft-MS12-031 security bulletin - Important
A vulnerability in Microsoft Visio Viewer 2010 could allow Code execution (2597981) remote
Published: Tuesday, may 8, 2012Version: 1.0
http://TechNet.Microsoft.com/en-us/security/bulletin/MS12-031MS12-032 Microsoft security bulletin - Important
A vulnerability in TCP/IP could allow an elevation of privilege (2688338)
Published: Tuesday, may 8, 2012Version: 1.0
http://TechNet.Microsoft.com/en-us/security/bulletin/MS12-032Microsoft-MS12-033 security bulletin - Important
A vulnerability in the Windows Partition Manager could allow an elevation of privilege (2690533)
Published: Tuesday, may 8, 2012Version: 1.0
http://TechNet.Microsoft.com/en-us/security/bulletin/MS12-033Please note that Microsoft may release bulletins outside of this schedule if we determine to do.
Visit the Microsoft Solution Center and antivirus security for resources and tools to keep your PC safe and healthy. If you have problems with the installation of the update itself, visit the Microsoft Update Support for resources and tools to keep your PC updated with the latest updates.
Hello NickADSL UK,
Thanks a lot for posting this valuable information.
Best regards
Matthew_Ha
-
Upgrade of Windows 2003 to 2012 r2 DC replication problem
Hello
I added R2 2012 Windows server to windows 2003 sp2 (primary DC) DC and promotes as DC. After the promotion, I run dcdiag and it shows errors.
Each of the servers have three NICs connected to different networks.
Please help me with your expertise since I have to raise this Monday.
Thank you
Kind regards
Charaf-eddine
Here the dcdiag output new DC
Directory Server diagnosis
Perform the initial configuration:
Trying to find the server at home...
Home Server = CADPDC1
* Identified AD forest.
Made the initial collection of information.Make the required initial tests
Test server: Default-First-Site-Name\CADPDC1
Commencement of the trial: connectivity
CADPDC1.engineer.com host name resolution error by
IPv6 stack.
WARNING: could not confirm the identity of this server in the
Directory and names returned by DNS servers. Host name
fixed error 0x2af9 "host is known."
......................... CADPDC1 passed test connectivity
Primary testing
Test server: Default-First-Site-Name\CADPDC1
Commencement of the trial: advertising
WARNING: DsGetDcName returned information for
\\cadpdc. Engineer.com, when we tried to reach CADPDC1.
SERVER IS NO ANSWER or IS NOT considered AS APPROPRIATE.
......................... CADPDC1 was not able to test advertising
Beginning of the test: FrsEvent
There are warning or error events in the last 24 hours after the
SYSVOL is shared. Don't not SYSVOL replication problems can cause
The Group of political problems.
......................... CADPDC1 test FrsEventCommencement of the trial: DFSREvent
......................... CADPDC1 test DFSREvent
Commencement of the trial: SysVolCheck
......................... CADPDC1 test SysVolCheck
Beginning of the test: KccEvent
......................... CADPDC1 test KccEvent
Beginning of the test: KnowsOfRoleHolders
[CADPDC] DsBindWithSpnEx() failed with the error-2146893022,
The name main target is incorrect...
ATTENTION: CADPDC is the owner of the schema, but does not meet the DS RPCBind.
[CADPDC] LDAP bind failed with error 8341,
A directory service error has occurred...
ATTENTION: CADPDC is the owner of the schema, but does not respond to LDAPBind.
ATTENTION: CADPDC is the owner of the domain, but does not meet the DS RPC
Bind.
ATTENTION: CADPDC is the owner of the domain, but does not respond to LDAP
Bind.
ATTENTION: CADPDC is the owner of PDC, but does not meet the DS RPC
Bind.
ATTENTION: CADPDC is the owner of PDC, but does not respond to the LDAP bind.
ATTENTION: CADPDC is the owner of RID, but does not meet the DS RPC
Bind.
ATTENTION: CADPDC is the owner of RID, but does not respond to the LDAP bind.
ATTENTION: CADPDC is the owner of Infrastructure Update, but is not
meet DS RPC Bind.
ATTENTION: CADPDC is the owner of Infrastructure Update, but is not
respond to LDAP Bind.
......................... CADPDC1 failed test KnowsOfRoleHolders
Beginning of the test: MachineAccount
......................... CADPDC1 test MachineAccount
Beginning of the test: NCSecDesc
......................... CADPDC1 passed test NCSecDesc
Beginning of the test: NetLogons
Cannot connect in the NETLOGON share. (\\CADPDC1\netlogon)
[CADPDC1] An net use or LsaPolicy operation failed with error 67.
The network name was not found...
......................... CADPDC1 failed test NetLogons
Commencement of the trial: ObjectsReplicated
......................... CADPDC1 test ObjectsReplicated
From test: Replications
[Check the replications, CADPDC1] A recent replication attempt failed:
From CADPDC to CADPDC1
Naming context: DC = ForestDnsZones, DC = engineering, DC = com
The replication generated an error (-2146893022):
The name main target is invalid.
The failure occurred at 2014-06-27 17:05:59.
The last success occurred at 2014-06-27 17:01:21.
1 failures have occurred since the last success.
[Check the replications, CADPDC1] A recent replication attempt failed:
From CADPDC to CADPDC1
Naming context: DC = DomainDnsZones, DC = engineering, DC = com
The replication generated an error (-2146893022):
The name main target is invalid.
The failure occurred at 2014-06-27 17:05:59.
The last success occurred at 2014-06-27 17:01:21.
1 failures have occurred since the last success.
[Check the replications, CADPDC1] A recent replication attempt failed:
From CADPDC to CADPDC1
Naming context: CN = Schema, CN = Configuration, DC = engineering, DC = com
The replication generated an error (1727):
The remote procedure call failed and did not execute.
The failure occurred at 2014-06-27 17:05:59.
The last success occurred at 2014-06-27 17:01:06.
1 failures have occurred since the last success.
[Check the replications, CADPDC1] A recent replication attempt failed:
From CADPDC to CADPDC1
Naming context: CN = Configuration, DC = engineering, DC = com
The replication generated an error (-2146893022):
The name main target is invalid.
The failure occurred at 2014-06-27 17:05:59.
The last success occurred at 2014-06-27 17:01:07.
1 failures have occurred since the last success.
[Check the replications, CADPDC1] A recent replication attempt failed:
From CADPDC to CADPDC1
Naming context: DC = engineering, DC = com
The replication generated an error (-2146893022):
The name main target is invalid.
The failure occurred at 2014-06-27 17:05:59.
The last success occurred at 2014-06-27 17:01:21.
1 failures have occurred since the last success.
......................... CADPDC1 failure test replications
Beginning of the test: RidManager
......................... CADPDC1 failed test RidManager
Commencement of the trial: Services
......................... CADPDC1 test passed Services
Beginning of the test: SystemLog
A warning event occurred. Event ID: 0x000727A5
Generated time: 27/06/2014-17:01:38
The event string:
The WinRM service is not listening to the WS-Management requests.
A warning event occurred. Event ID: 0 x 80050004
Generated time: 27/06/2014-17:05:03
The event string:
HP 1 GB 2 332T adapter ports Ethernet: the network link is down. Check that the network cable is connected correctly.
A warning event occurred. Event ID: 0xA004001B
Generated time: 27/06/2014-17:05:06
The event string: HP NC112T PCIe Gigabit Server Adapter
An error event occurred. Event ID: 0 x 40000004
Generated time: 27/06/2014-17:05:39
The event string:
The Kerberos client received a KRB_AP_ERR_MODIFIED error from the server of cadpdc1$. The target name was LDAP/cadpdc.engineer.com/*** Email address is removed from the privacy *. This indicates that the target server could not decrypt the ticket provided by the customer. This can occur when target server principal name (SPN) is registered on one different account that the target service uses. Ensure that the target THAT SPN is registered only on the account used by the server. This error can also occur if the password service target account is different from what is set up on the Kerberos key for this service target Distribution Center. Make sure that the service on the server and the KDC are configured to use the same password. If the server name is not complete, and the target domain (ENGINEER.COM) is different from the customer area (ENGINEER.COM), check if it is the same name of server accounts in these two areas, or use the fully qualified name to identify the server.
An error event occurred. Event ID: 0 x 40000004
Generated time: 27/06/2014-17:05:39
The event string:
The Kerberos client received a KRB_AP_ERR_MODIFIED error from the server of cadpdc1$. The target name was ldap/cadpdc.engineer.com/*** address email is removed from the privacy *. This indicates that the target server could not decrypt the ticket provided by the customer. This can occur when target server principal name (SPN) is registered on one different account that the target service uses. Ensure that the target THAT SPN is registered only on the account used by the server. This error can also occur if the password service target account is different from what is set up on the Kerberos key for this service target Distribution Center. Make sure that the service on the server and the KDC are configured to use the same password. If the server name is not complete, and the target domain (ENGINEER.COM) is different from the customer area (ENGINEER.COM), check if it is the same name of server accounts in these two areas, or use the fully qualified name to identify the server.
An error event occurred. Event ID: 0 x 40000004
Generated time: 27/06/2014-17:05:41
The event string:
The Kerberos client received a KRB_AP_ERR_MODIFIED error from the server of cadpdc1$. The target name was of cadpdc$. This indicates that the target server could not decrypt the ticket provided by the customer. This can occur when target server principal name (SPN) is registered on one different account that the target service uses. Ensure that the target THAT SPN is registered only on the account used by the server. This error can also occur if the password service target account is different from what is set up on the Kerberos key for this service target Distribution Center. Make sure that the service on the server and the KDC are configured to use the same password. If the server name is not complete, and the target domain (ENGINEER.COM) is different from the customer area (ENGINEER.COM), check if it is the same name of server accounts in these two areas, or use the fully qualified name to identify the server.
An error event occurred. Event ID: 0 x 40000004
Generated time: 27/06/2014-17:05:43
The event string:
The Kerberos client received a KRB_AP_ERR_MODIFIED error from the server of cadpdc1$. The target name used was GC/cadpdc.engineer.com/engineer.com. This indicates that the target server could not decrypt the ticket provided by the customer. This can occur when target server principal name (SPN) is registered on one different account that the target service uses. Ensure that the target THAT SPN is registered only on the account used by the server. This error can also occur if the password service target account is different from what is set up on the Kerberos key for this service target Distribution Center. Make sure that the service on the server and the KDC are configured to use the same password. If the server name is not complete, and the target domain (ENGINEER.COM) is different from the customer area (ENGINEER.COM), check if it is the same name of server accounts in these two areas, or use the fully qualified name to identify the server.
A warning event occurred. Event ID: 0x000727AA
Generated time: 27/06/2014-17:05:43
The event string:
The WinRM service could not create the following SPNS: WSMAN/CADPDC1.engineer.com; WSMAN/CADPDC1.
An error event occurred. Event ID: 0 x 40000004
Generated time: 27/06/2014-17:05:55
The event string:
The Kerberos client received a KRB_AP_ERR_MODIFIED error from the server of cadpdc1$. The target name used was cifs/cadpdc.engineer.com. This indicates that the target server could not decrypt the ticket provided by the customer. This can occur when target server principal name (SPN) is registered on one different account that the target service uses. Ensure that the target THAT SPN is registered only on the account used by the server. This error can also occur if the password service target account is different from what is set up on the Kerberos key for this service target Distribution Center. Make sure that the service on the server and the KDC are configured to use the same password. If the server name is not complete, and the target domain (ENGINEER.COM) is different from the customer area (ENGINEER.COM), check if it is the same name of server accounts in these two areas, or use the fully qualified name to identify the server.
A warning event occurred. Event ID: 0 x 84350444
Generated time: 27/06/2014-17:05:58
The event string:
Information System Officer: health: Post errors have been detected. One or more errors of Power-On-Self-Test were detected when the server starts.
An error event occurred. Event ID: 0 x 40000004
Generated time: 27/06/2014-17:05:59
The event string:
The Kerberos client received a KRB_AP_ERR_MODIFIED error from the server of cadpdc1$. The target name was E3514235-4B06-11D1-AB04-00C04FC2DCD2/5122bd13-c8ac-4265-a879-3a6831224994/*** Email address is removed from the privacy *. This indicates that the target server could not decrypt the ticket provided by the customer. This can occur when target server principal name (SPN) is registered on one different account that the target service uses. Ensure that the target THAT SPN is registered only on the account used by the server. This error can also occur if the password service target account is different from what is set up on the Kerberos key for this service target Distribution Center. Make sure that the service on the server and the KDC are configured to use the same password. If the server name is not complete, and the target domain (ENGINEER.COM) is different from the customer area (ENGINEER.COM), check if it is the same name of server accounts in these two areas, or use the fully qualified name to identify the server.
An error event occurred. Event ID: 0 x 40000004
Generated time: 27/06/2014-17:05:59
The event string:
The Kerberos client received a KRB_AP_ERR_MODIFIED error from the server of cadpdc1$. The target name used was ldap/cadpdc.engineer.com. This indicates that the target server could not decrypt the ticket provided by the customer. This can occur when target server principal name (SPN) is registered on one different account that the target service uses. Ensure that the target THAT SPN is registered only on the account used by the server. This error can also occur if the password service target account is different from what is set up on the Kerberos key for this service target Distribution Center. Make sure that the service on the server and the KDC are configured to use the same password. If the server name is not complete, and the target domain (ENGINEER.COM) is different from the customer area (ENGINEER.COM), check if it is the same name of server accounts in these two areas, or use the fully qualified name to identify the server.
An error event occurred. Event ID: 0x0000410B
Generated time: 27/06/2014-17:05:59
The event string:
The request for a new account identifier pool failed. The operation will be retried until the request succeeds. The error is
An error event occurred. Event ID: 0 x 40000004
Generated time: 27/06/2014-17:06:07
The event string:
The Kerberos client received a KRB_AP_ERR_MODIFIED error from the server of cadpdc1$. The target name used was LDAP/cadpdc.engineer.com. This indicates that the target server could not decrypt the ticket provided by the customer. This can occur when target server principal name (SPN) is registered on one different account that the target service uses. Ensure that the target THAT SPN is registered only on the account used by the server. This error can also occur if the password service target account is different from what is set up on the Kerberos key for this service target Distribution Center. Make sure that the service on the server and the KDC are configured to use the same password. If the server name is not complete, and the target domain (ENGINEER.COM) is different from the customer area (ENGINEER.COM), check if it is the same name of server accounts in these two areas, or use the fully qualified name to identify the server.
An error event occurred. Event ID: 0x0000041F
Generated time: 27/06/2014-17:06:30
The event string:
The processing of Group Policy failed. Windows could not resolve the computer name. This can be caused by one or more of the following:
An error event occurred. Event ID: 0x0000041D
Generated time: 2014/06/27 17:07:07
The event string:
The processing of Group Policy failed. Windows could not resolve the user name. This can be caused by one or more of the following:
An error event occurred. Event ID: 0x0000041F
Generated time: 2014/06/27 17:11:32
The event string:
The processing of Group Policy failed. Windows could not resolve the computer name. This can be caused by one or more of the following:
An error event occurred. Event ID: 0x0000041F
Generated time: 27/06/2014-17:16:33
The event string:
The processing of Group Policy failed. Windows could not resolve the computer name. This can be caused by one or more of the following:
An error event occurred. Event ID: 0 x 40000004
Generated time: 27/06/2014-17:16:38
The event string:
The Kerberos client received a KRB_AP_ERR_MODIFIED error from the server of cadpdc1$. The target name used was LDAP/5122bd13-c8ac-4265-a879-3a6831224994._msdcs.engineer.com. This indicates that the target server could not decrypt the ticket provided by the customer. This can occur when target server principal name (SPN) is registered on one different account that the target service uses. Ensure that the target THAT SPN is registered only on the account used by the server. This error can also occur if the password service target account is different from what is set up on the Kerberos key for this service target Distribution Center. Make sure that the service on the server and the KDC are configured to use the same password. If the server name is not complete, and the target domain (ENGINEER.COM) is different from the customer area (ENGINEER.COM), check if it is the same name of server accounts in these two areas, or use the fully qualified name to identify the server.
An error event occurred. Event ID: 0x0000041F
Generated time: 2014/06/27 17:21:35
The event string:
The processing of Group Policy failed. Windows could not resolve the computer name. This can be caused by one or more of the following:
......................... CADPDC1 failed test SystemLog
Commencement of the trial: VerifyReferences
......................... CADPDC1 test VerifyReferences
Running partition tests: ForestDnsZones
Beginning of the test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Beginning of the test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Running partition tests: DomainDnsZones
Beginning of the test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Beginning of the test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Running partition tests: schema
Beginning of the test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Beginning of the test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests: Configuration
Beginning of the test: CheckSDRefDom
......................... Configuration test past CheckSDRefDom
Beginning of the test: CrossRefValidation
......................... Configuration test past CrossRefValidation
Running partition tests: engineer
Beginning of the test: CheckSDRefDom
... engineer passed test CheckSDRefDom
Beginning of the test: CrossRefValidation
... engineer passed test CrossRefValidation
Running tests of the company: engineer.com
Commencement of the trial: LocatorCheck
... engineer.com passed test LocatorCheck
Commencement of the trial: cross-site
... engineer.com passed test intersite
Hi Chamarasi,
I suggest that you post the application on Microsoft TechNet forum because we have experts working on these issues. You can check the link to post the same query on TechNet:
http://social.technet.Microsoft.com/forums/WindowsServer/en-us/home?category=WindowsServer
Please do not hesitate to contact us if you have other questions related to Windows.
-
Problem with ACS 4.2 database replication
Greetings,
I'm not able to replicate data between two ACS SE 4.2. I get the following error:
Inbound replication of database of ACS 'ACS_BEX_001' denied - shared secret mismatch.
Apparently, the configuration is ok. I enclose the configuration of these two ACS.
Hello
The problem you see are because of the Self entered on each ACS is set to 127.0.0.1. For replication to work, you must set all 4 entries of ACS at the same shared secret, even the self ones. The problem is when you try to change these entries, it will tell you that you can't use 127.0.0.1, but it also won't let you change the ip address.
The bug Id for this problem is CSCso36620. Workaround declares that the CLI, you can use the "set ip" command to put the IP address in the initial INVESTIGATION period and it should update the self entry in the GUI. At this point, you should be able to update the secret shared on all 4 devices.
Let me know if you have problems to make it work.
Thank you
Nevin
-
ACS 3.2 (2) Build 5 replication problem
Hi all
There are two ACS servers, sits inside an ASA 5510 at Headquarters and the other is inside an ASA 5510 on the hot site.
These 5510 s ASA have been developed to replace two 515Es PIX and the claim is that since the ASAs went replication has stopped working. Of course, it makes no sense to me because there is communication between the ACS server and the firewall is down not anything whenever "replicate now" is issued.
Unfortunately, I dunno much about ACS then is there something I can look for to help troubelshoot it ACS newspapers say
WARNING cannot replicate to '4' Server - server does not
That doesn't help us much, this is a way to get more detailed info journal which could indicate a problem? Thank you.
Hello
ACS uses the port TCP/2000 for replication. This port is also used by the skinny Protocol, making the port used by the ACS replication process.
Fails replication of the ACS from the primary to the secondary, primary school reported that he cannot contact the secondary, and secondary shows any replication of the primary activity.
A firewall between the two servers, ACS is configured to inspect the skinny Protocol, which uses the same port (TCP/2000) that the ACS replication process.
If you do not have a call manager behind your firewall, please disable
Skinny inspect if it is enabled.
#Under overall policy, take the skinny inspection out of the inspection_default #class.
don't inspect skinny
You need to do this on both sides.
HTH
JK
Please evaluate the useful messages-
-
V3.3.4 replication problems
I just upgraded to 3.3.4, and I see a problem with replication. I have two ACS servers and they are authenticating with a server CrytoCard. So I configured the external DB on both servers to point to it. I created the users and they are underlined as external DB. Everything works perfectly, even failover if I close the services on the main server.
However when I replicate the failover doesn't work anymore. What I see is if I look at a user on the server to backup the password for all users authentication section is 'unknown Radius server. I choose the CryptoCard server and everything works fine again.
Any ideas how I can fix/fix this?
Any help would be appreciated. TAC also works on this subject, but I wanted to see if someone else has experianced this problem.
BTW this forum works on a windows server...
I think we can delete the old entry from the database that ACS will not re-index numbers but am not very sure about this one.
Kind regards
Vivek
-
I'm currently implementing replication between two data stores timesten (11.2.1.8.0) created on two servers (asdbsl01poc and asdbsl02poc). Both servers have the same hardware and software configuration.
TimesTen@asdbsl01poc/opt/TimesTen/linux/bin $. / ttVersion
TimesTen release 11.2.1.8.0 (64-bit, Linux/x86_64) (linux:53388) 2011-02 - 02 T 02: 20:46Z
Admin of the Forum: timesten
Instance home directory: / opt/TimesTen/linux
Group owner: timesten
Demon base directory: / opt/TimesTen/linux/info
PL/SQL active.
TimesTen@asdbsl01poc/opt/TimesTen/linux/bin $
TimesTen@asdbsl02poc/opt/TimesTen/linux/bin $. / ttVersion
TimesTen release 11.2.1.8.0 (64-bit, Linux/x86_64) (linux:53388) 2011-02 - 02 T 02: 20:46Z
Admin of the Forum: timesten
Instance home directory: / opt/TimesTen/linux
Group owner: timesten
Demon base directory: / opt/TimesTen/linux/info
PL/SQL active.
TimesTen@asdbsl02poc/opt/TimesTen/linux/bin $
The/etc/hosts on each of the systems have entries on the other. I created a replication system using the link according to [http://download.oracle.com/otn_hosted_doc/timesten/1121/aspair.html]:
Command > repschemes
Active replication system standby:
Master store: TT20110620 on ASDBSL01POC
Master store: TT20110625 on ASDBSL02POC
Excluded arrays:
None
Excluded groups Cache:
None
Excluded sequences:
None
Store: TT20110620 on ASDBSL01POC
Port: (self)
Newspaper Fail threshold: (none)
Retry timeout: 120 seconds
Compress traffic: disabled
Store: TT20110625 on ASDBSL02POC
Port: (self)
Newspaper Fail threshold: (none)
Retry timeout: 120 seconds
Compress traffic: disabled
+ 1 replication schema found. +
Command >
After you create the replication on asdbsl01poc (Master DB) system, I spent asdbsl02poc duplicate DB and follow this link [http://download.oracle.com/otn_hosted_doc/timesten/1121/aspair.html]:
When I ran, ttRepAdmin-duplicate - tt20110620-asdbsl01poc - uid host *-pwd * - keepCG - cacheuid *-cacheuid * "DSN = tt20110625; UID =; PWD = "*, the link above to create a database of duplicate, I came across problems and got this error message:"
TT12080: Any subscriber found to swap with
TT12080: subscribed DSN: TT20110625; Host: ASDBSL02POC. FMR.COM. file: repSelf.c, line: 923
Please let me know what the problem is. The pointers will be greatly appreciated!
Thank you
VikramSo that both copies (and indeed replciation) work corretcly, several criteria must be met:
1 host names used in the names of data store in the REPLICAZTION CREATE or CREATE instructions ACTIVE standby must exactly match the names of local host returned by the command "hoistname".
2. the host names must be able to be resolved on all the systems involved in the replication system.
3. on each local system, the host name must be resolvable to an IP address that we can unequivocally identify an assigned to an interface on the local system.
Most of the problems with double giving this error are because one or more of these criteria have not been met.
My suspicion is that you used the Plains hostnames in your replication scheme, but the system host names are defined (wrongly) to include the domain name (i.e. the "hostname" command returns "asdbsl02poc.fmr.com" instead of just "asdbsl02poc". Best practice dictates that system hostnames does not include the domain information.
Chris
-
problem reconfigure everything. in the replication after the database crash recovery
Dear friends, I have little problem in replication,.
I have 2 databases DB1 and DB2 configured as Multimaster replication and My DB1 is master def. Now my master got DB2 database crashed and replication topology displayed in red color.
So I again created DB2 database. So I tried to bring this new DB2 replication again some of the operations being on my site of master def.
So the problem is that I couldnot stop replication
Can anyone suggest me how can I reconfigure again back in replication without removing the current group of rep
I tried suspend replication by Lee. intervention but couldnot
Start
() dbms_repcat.suspend_master_activity
gname = > 'REPMG');
end;
can someone solution
Note:
my database got crashed and I recreated the database and made available in the position while he was just before the crashEven if 'create you' repadmin and links from the database, there is no information about the configuration of replication (repgroup (s), repobjects etc.) in the database. Also, of course, the deferred transaction queue has no entry.
You must configure replication scratch 'from '.
-
Server 2003 - SBS 2011 Migration of problem - remove replication server
Hello
I'm trying to migrate a Server 2003 SBS 2011, now I know that this goes against the ideas a bit, but I spoke to microsoft and they inform me that it is possible to do.
I primarily /forest adprep32.exe prep executing what it breaks down, I got the following error
asprep was unable to extend the schema
The controller scheme did not complete a replication cycle after the last restart. The controller of schema must complete at least one replication cycle before the scheme can be extended.
[USER ACTION]
Verfity that the schema is it connected to the network and can communicate with the other domain controllers in active directory. use the sites and component services snap-in to replicate between the solid operations master and replication partner at least one. Once replication is successful, run adprep.
now the question I have is that the server is configured for replication no longer exists, the old man of companys IT supports provider obviously did not remove replication correctly, please could somone advise me on how to remove the replication of this system and confirm that it is the FSMO role holder.
Thanks for any help in advance guys.
Lewis
Please repost your request in one of the most appropriate Windows Server Forums. Thank you!
-
Reference Dell EQL PS4100xv problem with MS SQL replication
Hello
I have a Dell PowerEdge server R420 connected to an EQL. Is installed ESXi 5.1 U1 (free version). It is only a data store.
VM is running Windows 2008 R2 STD with MS SQL 2008 R2 STD. The change in size of database per day is around 2 to 3 MB of base on my daily full backups via the MS SQL backup.
However, when I throw a replication session between my EQL PROD and DR EQL which size of delta is ranging from 1 GB to 50 GB every time that I run a replication? Interval is about 5 to 10 minutes. I tried 20 minutes also the size to replicate is erratic.
Why is so huge its more than 1000 MB per replication.
Hope someone can help me with that.
Thank you
Paul
Re: Storage Direct. Yes, if you configure these volumes SQL replication, only the changed data will be included. Only VM will see to all the files in the data store. However, you still want to replicate your VMFS, but not as often as SQL datastore.
Re: optimize. Article I included has the registry setting you need. This works for all storage formatted to NTFS.
In addition, when you format the SQL data / log volumes, has the NTFS 64 K cluster size. The default value is usually 4 or 8 K. This will align all the writings and readings on the 64K of distribution of the EQL table size. This improves performance of I/o.
-
I have two ACS with replication configured. Manual replication works fine, but when setting up scheduled replication, server said "preliminary checks indicate a unnecessary outgoing replication - completed cycle. Even if the new features have been added to the main server, replication is irrelevant.
Any thoughts?
Please check this bug,
CSCsd02854 : automatic replication has not triggered after changing the config
components
Symptom: When it is configured for automatic replication, only the changes to the users/groups/SPC are replicated automatically. Changes to the configuration of NAS, Admin, PAN, external databases
components do not replication trigger.
Conditions: This is seen when the automatic replication (intermittently or at a specific time) is configured.
Solution: Start the replication manually after configuration changes for the affected
components have been made.
http://Tools.Cisco.com/support/BugToolKit/action.do?hdnAction=searchBugs
Please make sure that the secondary ACS server, we have all the replicated network devices
from the primary ACS server successfully. If they are not, and we have configured replication scheduled to take place, then we are hitting this bug.
Kind regards
~ JG
Note the useful messages
-
Problem with replication of the elements
I have no problem running my SOA application on test environment. When I deploy the same thing to the prod. environment, I have error "selectionfailure." When I checked the instance I noticed that this block of (operation assign) a single element is repeated twice. He threw the error message "'the result contains 2 nodes for the XPath expression" "
I tried under code but no luck.
< copy bpelx:ignoreMissingFromData = 'yes '. bpelx:insertMissingToData = "yes" > Hi Puthanampatti,
It is possible in case there is more than one node. Try to use a specific index [0] in the source and destination.
Kind regards
Vikrant Korde
-
Replication to a different diagram in the same database is a problem?
Hello
I'm about to start an integration project in which data needs to be replicated from a schema from A to B schema. These patterns are in the same database. We are looking for a non intrusive process to move data in real time throughout the day. At night, the data must be prepared for treatment. I think GoldenGate might be the right choice for this case. However, some people think it's weird using GoldenGate for replication within the same database, despite being in the other schema data. I do not wish to use ODI or other intrusive process.
Is there a sort of recommendation in order to not to use GoldenGate in such situation (same database)?
Hello
Yes, it is possible and you can use Oracle GoldenGate for configuring replication between two schemas in the same databases. Only a GoldenGate environment is sufficient to achieve this goal.
Kind regards
Veera
Maybe you are looking for
-
Hello everyone, Im a person retired and new to computers and the forums. My question is, when, where and why the recovery discs are used? My L series has 2 of them. Thanks for any help. Post edited by: pcramer1
-
Yestrday I deletet my pic how colud I restore them
Yesterday, I deleted my contacts and deleted from my picter icloud how can I restore them 500 pick
-
HP OfficeJet 4655: Officejet 4655 scans to chromebook
Howdy, I can't scan (or probably copy, etc.) of my HP OfficeJet 4655 to my HP Pavilion Chromebook. The window of the printer says it is "a computer found." I appreciate your help. Bob
-
My printer will not open even I get a debug error C;\Windows\System32\Spool\Drivers\w32x86\3\lxddpswx.exe programModule C:\Windows\System32\Spool\Drivers\w32x86\3\lxdddatr.dllRun-Time check failure #3 the variables 'sNumberOfTopics' is used without b
-
'unspecified error' in windows movie maker
Hola, I'm going crazy with this music any import from iTunes and after their conversion to mp3's now I get an "Unknown error!" AAAAGgggghhh Help, please! Thanks a bunch!