cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
4125
Views
0
Helpful
23
Replies

Apache Service not starting in CiscoWorks LMS 3.1

max_gbp777
Level 1
Level 1

Hi,

The CiscoWorks LMS 3.1 Apache service does not start, even when the CiscoWorks daemon manager is restarted (net stop, net start)or server rebooted. The Daemon manager takes around 45 minutes to start the rest of the services.

Rebooted Server (Win 2k3 SP1), Reset casuser, removed Sophos, re-attempted, certificate renewed, rebooted, all without success.

Been advised that removing the server from the domain might help? but can't really see how if casuser is in correct User Assignment Rights.

Any help would be appreciated. Thank you.

2 Accepted Solutions

Accepted Solutions

As I said, you can change the port with the changeport.exe utility. For example, to change the port to tcp/1751, use the command:

NMSROOT\MDC\Apache\changeport.exe 1751 -s

As for the forbidden error, I need to see a good output of pdreg -l Apache. The previous output was bad since Daemon Manager hadn't fully initialized.

View solution in original post

Okay, do this:

NMSROOT\bin\perl.exe NMSROOT\MDC\Apache\ConfigSSL.pl -enable

That will fully enable SSL. Then, disable it:

NMSROOT\bin\perl.exe NMSROOT\MDC\Apache\ConfigSSL.pl -disable

Since SSL was fully enabled first, the script should then detect that it needs to be disabled, and remove all of the hooks. Then you should be able to access the pages with HTTP.

View solution in original post

23 Replies 23

Joe Clarke
Cisco Employee
Cisco Employee

Post the NMSROOT\MDC\Apache\logs\error.log as well as any relevant errors from the Windows Event Viewer. These kind of cases typically point to an Apache config problem, so please post the output of:

NMSROOT\MDC\Apache\Apache.exe -t NMSROOT\MDC\Apache

As well as the output of pdreg -l Apache and the output of netstat -a -n -o -b.

Hi Jclarke,

Thank you for the quick response.

Attached as requested.

eventvwr:

*****************************

Event Type: Error

Event Source: Apache Service

Event Category: None

Event ID: 3299

Date: 13/08/2009

Time: 15:24:46

User: N/A

Computer: CENTAUR

Description:

The Apache service named D:\PROGRA~1\CSCOpx\MDC\Apache\Apache.exe reported the following error:

>>> [Thu Aug 13 15:24:46 2009] [warn] pid file d:/program files/cscopx/mdc/apache/logs/httpd.pid overwritten -- Unclean shutdown of previous Apache run? <<<

before the error.log file could be opened.

More information may be available in the error.log file. **********************************

Kind Regards

Max

You did not post the error.log, but from the netstat output, I see you're already running a web server on tcp/443 (IIS). I'm not sure what TCP port you configured for LMS for HTTPS, but if it is also 443, then that would prevent Apache from starting. The error.log would say for certain, but if you're using tcp/443 for LMS, you need to either shutdown IIS, or use the NMSROOT\MDC\Apache\changeport.exe tool to change the port. For example, to change the HTTPS port to tcp/1751:

changeport.exe 1751 -s

Hi Jclarke,

we use http not https for CiscoWorks. It does however show that it is attempting to bind with port 443 in the error log. How should I change this.

Please advise.

Thank you,

Hi Jclarke,

Missing from previous post:

The URL we usually use to access is http://servername:1741

Thank you

Hi Jclarke,

Disabled IIS (required for HP Openview) and the Apache service started. Hooray!

But now have the error below.

Please advise which ports to change to allow both IIS and Aapche services to run together and why I get a forbidden message.

Thank you,

*******************

Forbidden

You don't have permission to access /login.html on this server.

Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.

*******************

As I said, you can change the port with the changeport.exe utility. For example, to change the port to tcp/1751, use the command:

NMSROOT\MDC\Apache\changeport.exe 1751 -s

As for the forbidden error, I need to see a good output of pdreg -l Apache. The previous output was bad since Daemon Manager hadn't fully initialized.

Hi Jclarke,

I attempted to revert to previous port 1741 with command: changeport.exe 1741 -s and without '-s'

but this gave an error.

ERROR: An attempt was made to access a socket in a way forbidden by its access permissions.

Attached error.log as well.

Please advise.

Thank you,

You can't do that. First, LMS ALWAYS uses HTTPS. Even if you select to only use HTTP, you have to also have Apache listening for HTTPS connections for inter-process communication and authentication. So, make sure you pick a TCP port other than 443 or 1741 for LMS HTTPS. Also, make sure you run the changeport.exe utility as a local Administrator.

As for the forbidden error, this typically has to do with an Apache registration issue. That is why I want to see the good output from pdreg -l Apache when Daemon Manager is running

Hi Jclarke,

Changed to port 1751.

Attached log from CSCOpx\MDC\Apache\logs

Is this the correct log?

Please advise,

Thank you,

I need to see the output of pdreg -l Apache. What you should do now that the Apache HTTPS port has been changed is reboot the server. After it comes back up, run the pdreg -l Apache command. It should return quickly, and show details about how the Apache daemon is registered is Daemon Manager. I would also like to see the new output from pdshow.

Hi Jclarke,

Attached as requested.

I have to go to an appointment now.

Thank you for your help so far, i will reply when I get back or tomorrow if it is to late.

Thank you,

Kind Regards

Max

I figured this was the problem. Do the following, and you should be set:

* Shutdown Daemon Manager

* Run NMSROOT\bin\perl NMSROOT\MDC\Apache\ConfigSSL.pl -disable

* Restart Daemon Manager

Hi Jclarke,

I tried the above and it produced a notepad file (ConfigSSL.pl attached)when I ran the command 'ConfigSSL.pl -disable'.

The login page does come up on port 1751, but i am unable to login using my AD account and the CiscoWorks admin account but it produces the 'Forbidden' error below when accessed.

*******************************

Forbidden

You don't have permission to access /cwhp/LiaisonServlet on this server.

Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.

*******************************

Please advise,

Thank you,

Review Cisco Networking for a $25 gift card