Thursday, January 20, 2011

Cisco ASA ASDM - Unable to launch device manager from X.X.X.X

While looking into a Active/Standby Cisco ASA that gave me the error below

Unable to launch device manager from X.X.X.X

image

After looking into this issue I found that it attempted to switch between active and standby. The message was switching failed in the standby log. The cert was still present when going to this in a browser but all pages returned 404.

image

Quick step was switching to standby to active. This allowed changes to be applied from the ASDM. After reloading the standby at this point found this message during boot.

!!!!!....Device Manager image set, but unable to find disk0:/asdm-635.bin

To fix this assure the ASDN has been copied to your standby ASA. I use Open TFTP Server from source forge to manage ASA updates. http://sourceforge.net/projects/tftp-server/

CLI commands for copying off the asdm from the upgraded ASA

copy flash:/asdm-XXX.bin tftp:/

Copy ASDM to other ASA

copy tftp:/asdm-XXX.bin flash:/

For me I did not have to restart the standby ASA after loading the ASDM bin file.

Tuesday, January 18, 2011

Error: execUpgradeSoftware : RETR failed...

While doing a IPS Sensor Software update I got the error Error: execUpgradeSoftware : RETR failed...This error only happened during the instructions of upgrading via FTP.
session 1
config t
upgrade ftp://cisco@x.x.x.x/upgrade.pkg
The quick fix for me was to use the GUI update dialog. If you go to update sensor from sensor management under the IPS section or IDM.
image

After looking into more on the FTP there was a home directory issue with this account. Might be different depending on the FTP with that error. This FTP was running Core FTP.

Monday, January 10, 2011

SQL Server - Invalid Urn filter on server level: filter must be empty, or server attribute must be equal with the true server name

This issue was tracked down to two instances of SQL on the same server with an IP each. The instances were configured that each instances had port 1433 on their respective IP. Problem occurred that SQL default instance was referenced using the hostname for this example sql01. While SQL instance SQL01\Inst02 was referenced by custom domain for example sql02.domain.local. This can be issue with two or more named instances of SQL also.

Problem

Hostname for the server by default registered all of the IPs to DNS as per settings on network settings. When referencing instance A by hostname, DNS will round robin select those IPs to return for the hostname. While running a policy check to that server you might get the error below.

Attempt to retrieve data for object failed for Server %

Invalid Urn filter on server level: filter must be empty, or server attribute must be equal with the true server name

 

Solution 1 – Hostname & Custom Domain

  1. Go to Network settings and IP v4 properties
  2. Uncheck the register this connection’s addresses in DNS
  3. Open DNS mmc and remove old A records for that SQL01
  4. Create new A record for the SQL01\MSSQLSERVER
  5. Create new A record for the SQL01\Inst02 for SQL02.domain.local
  6. Repeat for other named SQL instances

image

 

Solution 2 – Custom Domains

    1. Add enough IPs for the number SQL instances
    2. Create new A record for the SQL01\MSSQLSERVER for SQL01.domain.local
    3. Create new A record for the SQL01\Inst02 for SQL02.domain.local
    4. Repeat for other named SQL instances

 

Solution 3 – Use all Named SQL instances by Hostname

There is a few good reasons you might need to use the hostname to connect to SQL Server, for this example it was SQL01. One of the main issues with using custom domains to access SQL Server is applications that do not support TCP\IP connections and only support Shared Memory. I’ll post another examples of connection types shortly. Shared Memory requires your connection to be the original hostname that SQL was installed with.

Determine what your Server name is below:

select @@servername

To use named SQL instances on the same hostname with one or more IPs the bindings must be bound to same IPs to avoid the issue above. Verify your hostname in DNS matches the IPs bound in SQL Configuration Manger.

Friday, January 7, 2011

BisSubscribe.exe - TF30063: You are not authorized to access %–The remote server returned an error: (401) Unauthorized

This error was found running BisSubscribe command on the TFS Application Tier servers. Disabling the loopback check on the Application Tier fixes this issue. The other option is run the tools from a different computer then TFS 2010 Application server. Below is the register key to add to fix this issue on the server. If you have TFS Application farm this must be run on each server you would wish to run this on. This doesn’t require a restart to take effect.

  1. Click Start, click Run, type regedit, and then click OK.
  2. In Registry Editor, locate and then click the following registry key:

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa

  3. Right-click Lsa, point to New, and then click DWORD Value.
  4. Type DisableLoopbackCheck, and then press ENTER.
  5. Right-click DisableLoopbackCheck, and then click Modify.
  6. In the Value data box, type 1, and then click OK.
  7. Quit Registry Editor, and then restart your computer.

Ref:

401 Issue Sharepoint 2010 Search

http://blog.patricknielsen.net/2011/01/access-is-denied-verify-that-either.html

KB

http://support.microsoft.com/kb/896861/en-gb

Thursday, January 6, 2011

Access is denied. Verify that either the Default Content Access Account has access to this repository, or add a crawl rule to crawl this repository.

This sharepoint issue is all over the internet these days. This issue comes up using SharePoint search crawling on the same box. Other option is install Sharepoint Search on different server then your web applications. Below is registry key to disable the loopback check. From my experience changing this key doesn’t require a restart.

  1. Click Start, click Run, type regedit, and then click OK.
  2. In Registry Editor, locate and then click the following registry key:

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa

  3. Right-click Lsa, point to New, and then click DWORD Value.
  4. Type DisableLoopbackCheck, and then press ENTER.
  5. Right-click DisableLoopbackCheck, and then click Modify.
  6. In the Value data box, type 1, and then click OK.
  7. Quit Registry Editor, and then restart your computer.

After you switch that for SharePoint 2010 go to General Application Settings –> Farm Search Administration –> Search Service Application –> Content Sources –> Start all Crawls

Ref:

401 BisSubscube TFS 2010 Issue

http://blog.patricknielsen.net/2011/01/bissubscribeexe-tf30063-you-are-not.html

KB 

http://support.microsoft.com/kb/896861/en-gb

Login failed for user % Reason: Failed to open the explicitly specified database.

 

Common error that occurs with permission issues that when the user either does not have access to view the database or it doesn’t exist. Application connecting to SQL Server normally will contain more information about the error. For example ColdFusion below

java.sql.SQLException: [Macromedia][SQLServer JDBC Driver][SQLServer]Cannot open database "DBNAME" requested by the login. The login failed.