Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Made a Huge mistake - Please help!

I made a huge mistake and don't know how to recover. I did two things. I made registry changes without a backup and I tried to delete a connection in RAS. When I did an ipconfig I was seeing a ppp adapter with another IP. I was trying to figure out what it was. Anyway I have made these huge mistakes and now my CSAcs services won't start. Specifically CSAdmin, CSAuth, CSLog, CSRadius and CSTacacs. CSMon and CSDbsynch still start. Can someone help me! I am a desperate woman. I know I screwed up. How do I configure RAS so that these services will start again.

Any help at all will be greatly appreciated.

Louanne

lfournier@nexterna.com

1 REPLY
Silver

Re: Made a Huge mistake - Please help!

If its from the ACS for windows follow this steps,

W2K Read Only Permissions Version 2.1

1) In AD create a special account, lets call it ?acsaccount?, that has no special privileges or

group memberships.

2) On Member Server run all ACS services using this account:

a) For all ACS Services do the following:

? Double-Click on Service Name.

? Choose the ?Log-On? Tab.

? Choose ?This Account? radio button.

? type ?domainname\acsaccount? and its corresponding password.

? Click "OK".

b) Restart all ACS Services:

? CSAdmin

? CSLog

? CSAuth

? CSRadius

? CSTacacs

? CSDBSync

? CSMon

3) On the Member Server add ?Log on as a Service? and ?Act as part of the OS? user rights:

a) Open Local Security Settings.

b) Open Local Policies.

c) Open User Rights Assignments.

d) Add the ?acsaccount? domain user created in step 1 to the permissions: ?Log on as a Service? and

?Act as part of the OS?.

e) Make sure both Local Setting and Effective Setting include the Domainname\Acsaccountname for

above user rights.

4) In AD, Open the active directory management console on domain controller.

a) Right-click on the folder called ?Users?. Choose the ?Delegate Control..." option. Click

"Next".

b) Click Add.

c) Find and double-click the user that is running the ACS services. Click OK. Click Next.

d) Click ?Only the following objects in the folder.? Put a check in ?User Objects.?

e) Click Next.

f) Put a check in ?Read All Properties.?

g) Click Next.

h) Click Finish.

215
Views
0
Helpful
1
Replies
CreatePlease to create content