Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1914
Views
15
Helpful
5
Replies

Cisco ISE message administrative maintenance webui

ivan.martin
Level 1
Level 1

‎01-28-2022 10:48 PM

Hi, 

I have an issue with the access webui of ISE v2.7. I can not access in the webui. ISE shows a message:

"Server is undergoing administrative maintenance. Please try again later". I don't have some process running.
Can you help me please?
Thanks you. Ivan.
 
Details

 

2022-01-29 03:54:32,569 ERROR [webSec-2][] cpm.admin.restui.websec.PatternBasedAnalyzer -::::- Value was found harmful by the pattern:com.cisco.cpm.admin.re stui.websec.InsecurePattern:[dollarSign] pattern:(.*)\$(.*) action:Escape value:class com.cisco.cpm.admin.infra.action.LoginAction$SecurityCheck parameter name:class exclusionTag:SecurityCheck

2022-01-29 03:54:32,593 INFO [admin-http-pool27][] cpm.admin.infra.action.LoginActionResultHandler -::::- Redirected to: /admin/login.jsp?mid=server_maintenance

2022-01-29 03:54:32,569 ERROR [admin-http-pool27][] cpm.admin.infra.action.LoginAction -::::- Can't save locale. loginSuccess: false

2022-01-29 03:54:32,572 INFO [admin-http-pool27][] cisco.ise.ups.internaluser.InternalUserServiceImpl -::::- going to save admin

2022-01-29 03:54:32,572 INFO [admin-http-pool27][] cisco.ise.ups.internaluser.InternalUserServiceImpl -::::- done validation for user admin
2022-01-29 03:54:32,574 INFO [admin-http-pool27][] cisco.ise.ups.internaluser.InternalUserServiceImpl -::::- retrieved RBAC groups for user adunique. numbe r of groups: 1
2022-01-29 03:54:32,576 INFO [admin-http-pool27][] cisco.ise.ups.internaluser.InternalUserServiceImpl -::::- Going to persist user admin
2022-01-29 03:54:32,578 INFO [admin-http-pool27][] com.cisco.epm.jms.AQMessgeHandler -::::- Publishing message for event [TxnCommit / commit] and message c lass[class com.cisco.epm.pap.api.transaction.Transaction]
2022-01-29 03:54:32,593 INFO [admin-http-pool27][] cisco.ise.ups.internaluser.InternalUserServiceImpl -::::- Successfully persisted user admin

2022-01-29 03:54:32,593 INFO [admin-http-pool27][] cisco.ise.ups.internaluser.InternalUserServiceImpl -::::- Sent audit for user admin
2022-01-29 03:54:32,593 INFO [admin-http-pool27][] cpm.admin.infra.action.LoginActionResultHandler -::::- Redirected to: /admin/login.jsp?mid=server_maintenance
2022-01-29 03:54:32,593 INFO [admin-http-pool27][] cpm.admin.infra.spring.ISEAdminControllerUtils -::::- Empty or null forwardStr for: https://IP PAN /admin/LoginAction.do
2022-01-29 03:54:32,942 INFO [admin-http-pool98][] cpm.admin.infra.action.AdminAuthenticationAction -::::- In AdminAuthenticationAction.loadIdentityStores method called

5 Replies 5

balaji.bandi
Hall of Fame
Hall of Fame

‎01-29-2022 01:59 AM

Details - you posted - you see in the browser while accessing ISE GUI :

 

Try Command level and  check below :

 

>show application status ise  ( what is the application server status ?)

> Application stop ise  ( this will stop the ISE application)

>Application start ise safe  ( start with safe)

>show application status ise  ( what is the application server status ?)  - if that started

 

check the GUI access

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Aref Alsouqi
VIP
VIP

‎01-29-2022 03:42 AM

Restarting ISE application as suggested might fix the issue. If not, I would try to reload the node, and if that doesn't help I would go with ISE applications factory reset via the command "application reset-config ise". Also, I would check that the latest patch is applied to the node which I believe it is patch 6.

0 Helpful

marce1000
VIP
VIP

‎01-29-2022 04:02 AM

 

 - Beside other replies before and after restart (if problems persist) , also have a look at : show logging system ade/ADE.log

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

ivan.martin
Level 1
Level 1
In response to marce1000

‎01-29-2022 09:42 PM

Hi Marce

All services are running in show app sta ise. I tried to access with internal user and AD user but we can not access.

Maybe we are hitting to bug CSCvb64350.

Do you have any idea?

REgard, Ivan

0 Helpful

hslai
Cisco Employee
Cisco Employee
In response to ivan.martin

‎01-30-2022 03:59 PM

CSCvb64350 is a doc bug and the admin guide has been updated in Cisco Identity Services Engine / Install and Upgrade Guides / Cisco Identity Services Engine Administrator Guide, Release 2.1 / Setup Cisco ISE Management Access / Chapter: Manage Administrators and Admin Access Policies /Create an Admin Group 

...

Step 3

Check the corresponding check box to specify the Type of administrator group you are configuring:

  • Internal: Administrators assigned to this group type authenticate against the credentials that are stored in the Cisco ISE internal database.

  • External: Administrators assigned to this group authenticate against the credentials stored in the external identity store that you select in the Administration > System > Admin Access > Authentication > Authentication Method window. You can specify the external groups, if required.

Note 

If an internal user is configured with an external identity store for authentication, while logging in to the ISE Admin portal, the internal user must select the external identity store as the Identity Source. Authentication will fail if Internal Identity Source is selected.

...

 

Customers Also Viewed These Support Documents