cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

526
Views
5
Helpful
6
Replies
Highlighted
Beginner

adclient won't start, troubleshooting

Hi Everyone,

We have had an active ACS unit for many years now, and we've added a second one, both are 1121 Appliances.  The newer one came with 5.4, so we upgraded the older one to 5.4.

We setup replication between the two, with the newer one primary and the older one secondary.  Problem is, windows based clients are unable to authenticate to the older ACS appliance.  The only problem we can see is that it indicates that adclient is not running, under Monitoring & Troubleshooting, ACS Health Instance Summary.

So... been trying to figure out how to correct this, yet have been hard pressed to find a knowledgebase article that works.  So far, Cisco hasn't added my smartNet on the new box so I can get some support... anyone have any ideas what might be causing it?

(NTP is synchronized)

Thanks in advance, Ken

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted

Is the device registered successfully to the domain?

in Active Directory configuration page, do you see the status of the ACS to AD connectoin as "Connected" or "Not Connected"?

You use same credentials to register both servers to the domain?

Rating useful replies is more useful than saying "Thank you"

Rating useful replies is more useful than saying "Thank you"

View solution in original post

6 REPLIES 6
Highlighted
Advocate

Ken,

Do the hostnames of the ACS appilances exceed 15 characters? If so, please make sure that the first 15 are unique.

Thanks,

Tarik Admani
*Please rate helpful posts*

Highlighted

I saw that Knowledgebase article on that too, both names are under 15 characters, and are unique in their names also.  So that shouldn't be a factor, but thank you for the reply.

Highlighted

Is the device registered successfully to the domain?

in Active Directory configuration page, do you see the status of the ACS to AD connectoin as "Connected" or "Not Connected"?

You use same credentials to register both servers to the domain?

Rating useful replies is more useful than saying "Thank you"

Rating useful replies is more useful than saying "Thank you"

View solution in original post

Highlighted

I will have to get a domain admin to test with me, there is nothing after Joined to domain nor after Connectivity Status.

Looks like this might be a factor.

Highlighted

Ok, have it joined to the domain now... found an account and am good there, but adclient still doesn't start, going to try a reboot... and it is running on reboot.  Thanks!

Highlighted

Ken,

What version of domain controllers are you at currently and what is the forest functional level?

Please take a look at the Computer group in AD and check to see if the ACS machine account is there. If it is, please delete it and then try to the join process again.

Thanks,

Tarik Admani
*Please rate helpful posts*

Content for Community-Ad