We have a CAS appliance configured for Windows SSO. This worked in the past, but I notice today that the Windows SSo service showed stopped on the CAS(this is at our DR site and is not used often so I do not know how long it has been in this state). When I tried to start the service I see the following log entries in the nac_manager log:
setAttribute failed: com.perfigo.wlan.jmx.admin.ServerInfo.SSOState @10.7.255.100:duration=0:ConnectorClient not connected to RMI Connector Server
invoke failed:: com.perfigo.wlan.jmx.admin.ServerInfo.startSSOServer @10.7.255.100:duration=59992:Error unmarshaling return header; nested exception is: java.net.SocketTimeoutException: Read timed out
Any ideas? TAC case will be next in the morning if I cannot figure this out. I am flat out of ideas. I am having the Admins check the account that we use to ensure it has not changed, but short of that I do not now where to turn. Those log messages do not mean much to me.
Actaully we just got it resolved. The CAS is set to hit the any DC in the domain. Turns out it was hitting a DC that did not have the confgured account on it. Unfortunetly, seems like a crap shoot on which DC it will hit unless you configure one specific DC, then re-run ktpass on the user. We don't want to do that, so we are checking with our AD admins to see why the account was not replicated to the DC in question. Issue resolved, saved you a trip! :)
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...