I just added a local username (called admin) and a password to an ISE server via CLI. It's a SNS-3495-K9 model and the IOS version is 188.8.131.529. It worked just fine. I tried to do the same for other ISE server, the same model and IOS and I get the following repeated message when I logged with the admin username:
"You are not the owner of /var/run/screen/S-admin."
But when I log in with another local username/password via CLI, I'm able to successfully log in. No message.
I have seen similar issues before with ACS. It seems like something got messed up with the permissions. Unfortunately, you don't have root access so you will need to reach out to Cisco. They can install a root patch and fix the permissions.
Also, have you tried:1
- Removing the username and re-adding it
- Adding a different username and see if you get the same error
- Confirm that you have the "role admin" at the end of the created user
I've entered a new username and it works fine. The problem is entering the same username but different password. I also tried removing it with no luck and re-adding it and it does have "role admin" at the end.
That is indeed a strange behavior. I just tested in my lab and I did not have an issue. I guess if it works with the new username then that is somewhat of a solution. If you want to get this cleaned up though you will need Cisco's assistance.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...