cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2926
Views
15
Helpful
6
Replies

problem after installation Cisco Prime LMS4.2.2

pslavkovsky
Beginner
Beginner

                   Hi

I upgraded Cisco Prime LMS from 4.2.1 to 4.2.2 (on Solaris) but I see instead LMS portal this message:

Forbidden

You don't have permission to access / on this server.

Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.

Please, can you advise me?

Peter

1 Accepted Solution

Accepted Solutions
6 Replies 6

Marvin Rhoads
VIP Community Legend VIP Community Legend
VIP Community Legend

This error  is often the result of problems with the ssl certificate. Try running the sslutil.pl script (instructions here) and checking your server certificate. If that reports problems, you may have to regenerate and install your certificate.

I found in FAQ  part about my problem but i have not directory "support" in opt/CSCOpx/setup/

Q. Why am I getting a 403 forbidden error while trying to access Cisco Prime pages?

A. You should check whether the casuser is assigned with the required local security policies.

If the casuser is not assigned with the required privileges, you should run the resetCasuser utility again. Enter the following commands to run the resetCasuser utility:

NMSROOT/CSCOpx/setup/support/resetCasuser (On Solaris/Soft Appliance)

NMSROOT\CSCOpx\setup\support\resetCasuser.exe (On Windows)

where NMSROOT refers to the Cisco Prime Installation directory.

The other possible solutions are:

Remove or disable the anti-virus software

Restart Daemon Manager

Uninstall or disable IIS

Log on as a batch job

Disable Cisco Security Agent

Stop the Daemon Manager and check if there are any Apache or Tomcat processes running. If so, kill the stray processes from the Task Manager or stop them from the Services panel.

Ensure that the casuser or administrator has the read permission for the CSCOpx, CSCOpx/MDC/tomcat/webapps/cwhp directories, and their inner directories.

I ran SSLUtil.pl :

# perl SSLUtil.pl

Can't locate CRM.pm in @INC (@INC contains: /usr/perl5/5.8.4/lib/sun4-solaris-64int /usr/perl5/5.8.4/lib /usr/perl5/site_perl/5.8.4/sun4-solaris-64int /usr/perl5/site_perl/5.8.4 /usr/perl5/site_perl /usr/perl5/vendor_perl/5.8.4/sun4-solaris-64int /usr/perl5/vendor_perl/5.8.4 /usr/perl5/vendor_perl .) at SSLUtil.pl line 24.

BEGIN failed--compilation aborted at SSLUtil.pl line 24.

# # perl SSLUtil.pl
Can't locate CRM.pm in @INC (@INC contains: /usr/perl5/5.8.4/lib/sun4-solaris-64int /usr/perl5/5.8.4/lib /usr/perl5/site_perl/5.8.4/sun4-solaris-64int /usr/perl5/site_perl/5.8.4 /usr/perl5/site_perl /usr/perl5/vendor_perl/5.8.4/sun4-solaris-64int /usr/perl5/vendor_perl/5.8.4 /usr/perl5/vendor_perl .) at SSLUtil.pl line 24.
BEGIN failed--compilation aborted at SSLUtil.pl line 24.
#

Had this exact problem with a fresh install of LMS (everything described above) and finally got a solution through the TAC.

You have to regenerate the LMS certificate. Do the following:

! remove the existing certificates (there may be a couple in the directory)

cd /opt/CSCOpx/MDC/Apache/conf/ssl

rm -rf server*

! stop the application

/etc/init.d/dmgtd stop

! regenerate the certificates

cd /opt/CSCOpx/bin

/opt/CSCOpx/bin/perl /opt/CSCOpx/MDC/Apache/bin/ConfigSSL.pl -disable

/opt/CSCOpx/bin/perl /opt/CSCOpx/MDC/Apache/bin/ConfigSSL.pl -enable

! restart the application

/etc/init.d/dmgtd start

! the restart process takes a while (took around 10mins for me). during the restart there will be a number of files created and removed from the directory below

cd /opt/CSCOpx/objects/dmgt/ready

ls

when the file "dmgt_start_lock" is no longer in this directory, LMS is then accessible for login (end of boot process has been reached)

At this point everything worked and I was able to log in via the web GUI and start setting up LMS.

HTH

Perfect!  Worked for me too!

If the complete directory is missing, it prompts to incorrect and incomplete installation. You may want to check the install log, which should be in /temp directory if it states any errors while installation.

Being a fresh installed server, i would recommend to go for a clean installa again, rather to find a fix now and have issues again in future.

-Thanks Vinod **Rating Encourages contributors, and its really free. **
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: