Upgrading an ACS deployment from 5.3 to 5.5.

andrea.meconi
Level 2

Hello.

I'm using ACS on virtual machines with primary and secondary instances.

The primary server also functions as a log collector in my deployment. I don't use AD. LDAP is configured.

Now I need to upgrade to 5.5.

Reading the installation guide, I find this note:

Upgrading to ACS 5.5 may fail if any LDAP identity store is configured without groups or attributes and
an AD identity store is not configured. To avoid this issue, before upgrading to ACS 5.5, either add
groups or attributes to the LDAP identity store or configure an AD identity store.

How can I verify this?

Thanks.

Regards.

Andrea

25 Replies

Edward, many many thanks for your help.

I have changed the debug level. Now I'm using the CLI to download the bundle because the GUI is not available when the runtime service doesn't run.

 

acs support acsuno-debug repository patch encryption-passphrase null include-debug-logs 1

 

Regards.

Andrea

InfoHandler,28/05/2014,19:51:39:066,WARN ,3049638800,ActiveDirectoryInfoHandler::startWatching: inotify_add_watch failed for /var/centrifydc, errno = No such file or directory (2),ActiveDirectoryInfoHandler.cpp:115
EventHandler,28/05/2014,19:52:01:514,ERROR,3036089232,caught exception while calling ConfigNotificationFlow: Method MethodCaller<ConfigNotificationFlow, StartConfigNotifFlowEvent>: Enum [Remote-Access=2] already exists,EventStack.cpp:218
Daemon,28/05/2014,19:52:01:514,ERROR,3086341872,rt_daemon init failed,RTDaemon.cpp:325

All the logs are in warn.

Could you turn on debugs and then try to restart the runtime service to trigger the problem again?

 

Hello Edward.

I turned on debug with this command:

 

acsuno/admin# acs-config
Escape character is CNTL/D.


Username:
Password:

Please note that due to an internal error you are working in a Failover Mode.
Configuration changes may not take effect. Please contact support.


acsuno/acsadmin(config-acs)# debug-log runtime level debug
acsuno/acsadmin(config-acs)#

 

and restarted the runtime service...

 

acsuno/admin# acs start runtime
Starting runtime
acsuno/admin# sh app stat acs

ACS role: PRIMARY

Process 'database'                  running
Process 'management'                running
Process 'runtime'                   initializing
Process 'ntpd'                      running
Process 'view-database'             running
Process 'view-jobmanager'           running
Process 'view-alertmanager'         running
Process 'view-collector'            running
Process 'view-logprocessor'         running

acsuno/admin#

 

When the runtime service is in the "not monitored" state, I collect the bundle with the command

 


acsuno/admin# acs support acsuno-debug-2905 repository patch encryption-passphrase null include-debug-logs 1
Collecting support information ...(acsuno-debug-2905.tar.gz)
Calculating disk size for /opt/backup/supportbundle-acsuno-debug-2905-1401358751
ACS support file 'acsuno-debug-2905.tar.gz' successfully copied to repository 'patch'
acsuno/admin#

 

Many thanks.

Regards.

Andrea

Andrea,

Luckily, the log file has the problem captured.

Log snippet:

AcsLogs,29/05/2014,10:17:27:816,DEBUG,3036543888,NIL-CONTEXT,Log_Message=[2014-05-29 10:17:27.816 +00:00 0000000005 31108 FATAL Configuration-Notifications: Cold configuration restart failed, ACSVersion=acs-5.5.0.46-B.723, ], Startup/Shutdown ,MessageFormatter.cpp:94
ConfigNotificationFlow,29/05/2014,10:17:27:816,DEBUG,3036543888,NIL-CONTEXT,ConfigNotificationFlow::signalContolCondition: state=StartFailed,ConfigNotificationFlow.cpp:1107
EventHandler,29/05/2014,10:17:27:816,ERROR,3036543888,caught exception while calling back ConfigNotificationFlow: Method MethodCaller<ConfigNotificationFlow, MBSendEvent>: Enum [Remote-Access=2] already exists,EventStack.cpp:255
ConfigVersionManager,29/05/2014,10:17:27:816,DEBUG,3036543888,VersionManager::decrementVersionRef: version ID=1, ref count=4,VersionManager.cpp:159
ConfigVersionManager,29/05/2014,10:17:27:816,DEBUG,3036543888,VersionManager::decrementVersionRef: version ID=1, ref count=3,VersionManager.cpp:159
ConfigVersionManager,29/05/2014,10:17:27:816,DEBUG,3036543888,VersionManager::decrementVersionRef: version ID=1, ref count=2,VersionManager.cpp:159
ConfigVersionManager,29/05/2014,10:17:27:816,DEBUG,3036543888,VersionManager::decrementVersionRef: version ID=1, ref count=1,VersionManager.cpp:159
EventHandler,29/05/2014,10:17:27:816,DEBUG,3036543888,Stack: 0xb4610b48 Destroy stack,EventStack.cpp:37
Daemon,29/05/2014,10:17:27:816,ERROR,3086796528,rt_daemon init failed,RTDaemon.cpp:325
Daemon,29/05/2014,10:17:27:816,ERROR,3086796528,ConfigNotificationFlow::waitStart: unable to load configuration: fatal error,RTDaemon.cpp:326
Daemon,29/05/2014,10:17:27:816,ERROR,3086796528,rc = 4,RTDaemon.cpp:327

The interesting part is here:

MBSendEvent>: Enum [Remote-Access=2] already exists,EventStack.cpp:255

This is pointing to this attribute:

Dictionary attribute [CVPN3000/ASA/PIX7.x-IPSec-Tunnel-Type] enum registered : [2 - Remote-Access]

Are you using this somewhere?

If so, delete it and then try to start the runtime; once started, you can reconfigure them.

Now, if you are not using this, you are running into data corruption; only the devs can fix it.

You will have to open a case with TAC; now it would be quicker for you as you already know where the problem lies.

Rate if Useful :)

Sharing knowledge makes you Immortal.

Regards,

Ed
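
The triage done by eye in the reply above, as an added example (not part of the original thread and not Cisco tooling): it splits ACS runtime log lines, keeps the ERROR/FATAL entries, and pulls out any "Enum [...] already exists" clash. The comma-separated field layout is an assumption inferred from the excerpts quoted in this thread, and the sample lines are copied from those excerpts.

```python
import re
from collections import namedtuple

Entry = namedtuple("Entry", "component date time level thread message source")

# Constructed sample: lines copied from the log excerpts quoted in this thread.
SAMPLE_LOG = """\
InfoHandler,28/05/2014,19:51:39:066,WARN ,3049638800,ActiveDirectoryInfoHandler::startWatching: inotify_add_watch failed for /var/centrifydc, errno = No such file or directory (2),ActiveDirectoryInfoHandler.cpp:115
EventHandler,29/05/2014,10:17:27:816,ERROR,3036543888,caught exception while calling back ConfigNotificationFlow: Method MethodCaller<ConfigNotificationFlow, MBSendEvent>: Enum [Remote-Access=2] already exists,EventStack.cpp:255
ConfigVersionManager,29/05/2014,10:17:27:816,DEBUG,3036543888,VersionManager::decrementVersionRef: version ID=1, ref count=4,VersionManager.cpp:159
Daemon,29/05/2014,10:17:27:816,ERROR,3086796528,rt_daemon init failed,RTDaemon.cpp:325
Daemon,29/05/2014,10:17:27:816,ERROR,3086796528,rc = 4,RTDaemon.cpp:327
"""

# Matches the duplicate-enum exception text, e.g. "Enum [Remote-Access=2] already exists".
ENUM_CLASH = re.compile(r"Enum \[(?P<name>[^=\]]+)=(?P<value>\d+)\] already exists")


def parse_line(line):
    """Split one runtime log line; the message field may itself contain commas."""
    head = line.rstrip("\n").split(",", 5)
    if len(head) < 6 or "," not in head[5]:
        return None  # not a log record in the assumed layout
    message, source = head[5].rsplit(",", 1)  # last field is file.cpp:line
    return Entry(head[0], head[1], head[2], head[3].strip(), head[4], message, source)


def triage(text):
    """Return (error entries, duplicate enum registrations) for a log excerpt."""
    errors, clashes = [], []
    for line in text.splitlines():
        entry = parse_line(line)
        if entry is None or entry.level not in ("ERROR", "FATAL"):
            continue
        errors.append(entry)
        m = ENUM_CLASH.search(entry.message)
        if m:
            clashes.append((m["name"], int(m["value"]), entry.source))
    return errors, clashes


if __name__ == "__main__":
    errors, clashes = triage(SAMPLE_LOG)
    for name, value, source in clashes:
        print(f"duplicate enum {name}={value} reported at {source}")
    print(f"{len(errors)} ERROR/FATAL lines")
```
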

Many many thanks Edward.

I'm using this attribute to configure a VPN concentrator. To delete it I need to reconfigure more profiles.

How can I delete it using the CLI? The GUI is not available when runtime is down.

Regards.

Andrea

Give it some time, the GUI should come up.

You cannot delete configuration from the CLI.

If the GUI does not come up, you need to get the DB fixed by TAC.

Regards

Ed

Edward,

The GUI doesn't come up, so I'm going to open a case.

Many many thanks for your help.

Regards.

Andrea

Edward,

Thanks for answering all of Andrea's posts. I appreciate your time and patience.

 

Andrea,

If you've not opened a case and are still looking for some help, then focus here:

What browser are you using? I guess you are using IE 9 or 10 or 11. If that's correct, then let me explain: as per Microsoft's update on 22nd August 2012, Internet Explorer will not open any web page that is signed by an RSA signature which is less than 1024 bits:

http://support.microsoft.com/kb/2661254

 

In order to resolve this:

Go to the PC from which you are accessing ACS > Start > run > cmd > right click and run as administrator > execute the command listed below

C:\Users\Employees>certutil -setreg chain\minRSAPubKeyBitLength 512

 

Regards,

Jatin Katyal

** Do rate helpful posts **

 

~Jatin

Many thanks Jatin.

I'm able to access the GUI using my browser, Firefox. But I need some help to recover the runtime service because it doesn't start after a reimage/restore or application upgrade bundle.

 

The ACS runtime process is not running on this instance at this time.
Changes can be made to the ACS configuration (these will be saved in the database), but changes will not take effect until the runtime process is restarted.

 

 

Any ideas?

Thanks.

Regards.

Andrea

Hello Andrea,

 

You're probably facing the bug CSCun85949
https://tools.cisco.com/bugsearch/bug/CSCun85949/

 

This issue has been resolved in ACS 5.5 patch 3, but you need to delete and recreate some AV pair to run the runtime process correctly.

My suggestion is to delete the AV pair from the authorization profile BEFORE upgrading to 5.5.

 

Have a nice day

Regards

Gabriele
