cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Announcements
Choose one of the topics below to view our ISE Resources to help you on your journey with ISE

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

1490
Views
5
Helpful
1
Replies
Highlighted
Beginner

ACS 5.1 - Active Directory Connection Suddenly Disconnected

Hi All,

Recently our ACS loss connection to AD. Notice following error message (collect from show tech):

Dec  9 00:05:31 OasPrp-Lvl07-ACS01 adclient[24514]: INFO  <bg:ageBindings> base.

bind.healing Lost connection to myhqkul990003s.simedarbygroup.com. Running in di

sconnected mode: KDC refused skey: Preauthentication failed

Dec  9 00:05:31 OasPrp-Lvl07-ACS01 adclient[24514]: INFO  <bg:ageBindings> base.

bind.healing Lost connection to myhqkul990004s.simedarbygroup.com(GC). Running i

n disconnected mode: KDC refused skey: Preauthentication failed

Dec  9 00:05:31 OasPrp-Lvl07-ACS01 adclient[24514]: ERROR <bg:ageBindings> base.

adagent Can't use default machine password. Please reset computer account in Act

ive Directory

Dec  9 00:05:31 OasPrp-Lvl07-ACS01 adclient[24514]: INFO  <bg:ageBindings> base.

bind.healing Lost connection to myhqkul990003s.simedarbygroup.com. Running in di

sconnected mode: KDC refused skey: Preauthentication failed

Dec  9 00:05:31 OasPrp-Lvl07-ACS01 adclient[24514]: INFO  <bg:ageBindings> base.

bind.healing Lost connection to myhqkul990004s.simedarbygroup.com(GC). Running i

n disconnected mode: KDC refused skey: Preauthentication failed

Dec  9 00:05:31 OasPrp-Lvl07-ACS01 adclient[24514]: ERROR <bg:ageBindings> base.

adagent Can't use default machine password. Please reset computer account in Act

ive Directory

However we manage to restore the connection by reset password of the AD account that used in establish connection between AD and ACS.

What is the meaning of mean above message?

Regards,

Lau

1 REPLY 1
Highlighted
Advocate

ACS 5.1 - Active Directory Connection Suddenly Disconnected

Hi,

Did you try to configure another ACS server.....i.e (OasPrp-Lvl07-ACS02), if so then your issue with netbios, you can only have the first 15 characters of the hostname to be unique.

Its a known issue and is a microsoft limitation so please trim down the characters.

Thanks,

Tarik Admani
*Please rate helpful posts*

Tarik Admani
*Please rate helpful posts*