Q.Why does the interface not look right?
A.
An older video (graphics) card might fail to display the Security Manager GUI correctly until you upgrade its driver software.
To test whether this problem might affect your client system, right-click My Computer, select Properties, select Hardware, click Device Manager, then expand the Display adapters entry. Double-click the entry for your adapter to learn what driver version it uses. You can then do one of the following:
-
If your client system uses an ATI MOBILITY FireGL video card, you might have to obtain a video driver other than the driver
that came with your card. The driver that you use must be one that allows you to configure Direct 3D settings manually. Any
driver lacking that capability might stop your client system from displaying elements in the Security Manager GUI.
-
For any video card, go to the web sites of the PC manufacturer and the card manufacturer to check for incompatibilities with
the display of modern Java2 graphics libraries. In most cases where a known incompatibility exists, at least one of the two
manufacturers provides a method for obtaining and installing a compatible driver.
Q.
Why is the Security Manager Client missing from the Start menu in my Japanese version of Windows?
A.You might have configured the regional and language option settings to use English on the client system. We do not support
English as the language in any Japanese version of Windows. Use the Control Panel to reset the language to Japanese.
Q.
Why is the Security Manager Client missing from the Start menu for some or all the users on a workstation on which it is installed?
A.When you install the client, you select whether shortcuts will be created for just the user installing the product, for all
users, or for no users. If you want to change your election after installation, you can do so manually by copying the Cisco
Security Manager Client folder from Documents and Settings\<user>\Start Menu\Programs\Cisco Security Manager to Documents
and Settings\All Users\Start Menu\Programs\Cisco Security Manager. If you elected to not create shortcuts, you need to manually
create the shortcut in the indicated All Users folder.
Q.
What can I do if my connections from a client system to the server seem unusually slow, or if I see DNS errors when I try
to log in?
A.>You might have to create an entry for your Security Manager server in the hosts file on your client system. Such an entry can help you to establish connections to your server if it is not registered with
the DNS server for your network. To create this helpful entry on your client system, use Notepad or any other plain text editor
to open C:\WINDOWS\system32\drivers\etc\hosts. (The host file itself contains detailed instructions for how to add an entry.)
Note
|
You might have to create an entry for your DNS additional entry which will point to the same IP address (which will be used
in the Security Manager client application's “Server Name” field) in the httpd.conf configuration file under NMSROOT~/MDC/Apache/conf/
and restart the Daemon Manager. Such an entry can help you establish connections to your server. Examples:
ServerName
,
foo.example.com
. [Tip: The location NMSROOT
is the path to the Security Manager installation directory. The default is C:\Program Files (x86)\CSCOpx.]
|
Q.
What is wrong with my authentication setup if my login credentials are accepted without any error message when I try to log
in with Security Manager Client, but the Security Manager desktop is blank and unusable? (Furthermore, does the same problem
explain why, in my web browser, Common Services on my Security Manager server accepts my login credentials but then fails
to load the Cisco Security Management Suite desktop?)
A.You did not finish all the required steps for Cisco Secure ACS to provide login authentication services for Security Manager
and Common Services. Although you entered login credentials in ACS, you did not define the Security Manager server as a AAA
client. You must do so, or you cannot log in. See the ACS documentation for detailed instructions.
Q.
What should I do if I cannot use Security Manager Client to log in to the server and a message says...?
... repeatedly that the server is checking its license.
|
Verify that your server meets the minimum hardware and software requirements. See Server Requirements and Recommendations.
|
Synchronizing with DCR.
|
There are two possible explanations:
-
You started Security Manager Client shortly after your server restarted. If so, allow a few more minutes for the server to
become fully available, then try again to use Security Manager Client.
-
Your CiscoWorks administrative password contains special characters, such as ampersands (&). As a result, the Security Manager
installation failed to create a comUser.dat file in the NMSROOT \lib\classpath subdirectory on your server, where NMSROOT is the directory in which you installed Common Services (the default is C:\Program Files (x86)\CSCOpx):
-
Either contact Cisco TAC for assistance in replacing comUser.dat or re-install Security Manager.
-
Create a Common Services password that does not use special characters.
|
Error - Unable to Check License on Server.
An attempt to check the license file on the Security Manager server has failed.
Please confirm that the server is running. If the server is running, please contact the Cisco Technical Assistance Center.
|
At least one of the following services did not start correctly. On the server, select Start > Programs > Administrative Tools > Services, right-click each service named below, then select Restart from the shortcut menu:
-
Cisco Security Manager Daemon Manager
-
Cisco Security Manager database engine
-
Cisco Security Manager Tomcat Servlet Engine
-
Cisco Security Manager VisiBroker Smart Agent
-
Cisco Security Manager Web Engine
Wait 5 minutes, then try again to start Security Manager Client.
|
Q.
Why is the Activity Report not displayed when I use Internet Explorer as my default browser?
A.This problem occurs because of invalid registry key values or inaccuracies with the location of some of the dll files associated
with Internet Explorer. For information on how to work around this problem, refer to the Microsoft Knowledge Base article
281679, which is available at this URL: http://support.microsoft.com/kb/281679/EN-US
Q.
How can I clear the server list from the Server Name field in the Login window?
A.Edit csmserver.txt to remove unwanted entries. The file is in the directory in which you installed the Security Manager client.
The default location is C:\Program Files (x86)\Cisco Systems\Cisco Security Manager Client.
Q.
The Security Manager client did not load because of a version mismatch. What does this mean?
A.The Security Manager server version does not match the client version. To fix this, download and install the most recent client
installer from the server.
Q.
Where are the client log files located?
A.The client log files are located in C:\Program Files (x86)\Cisco Systems\Cisco Security Manager Client\logs. Each GUI session
has its own log file.
Q.
How do I know if Security Manager is running in HTTPS mode?
A.Do one of the following:
-
After you log in to the server using a browser, look at the URL in the address field. If the URL starts with https, Security
Manager is running in HTTPS mode.
-
Go to Common Services > Server > Security > Single Server Management > Browser-Server Security Mode Setup. If you see Current
Setting: Enabled, Security Manager is running in HTTPS mode. If the setting is Disabled, use HTTP.
-
When logging in using the client, first try HTTPS mode (check the HTTPS checkbox). If you get the message “Login URL access
is forbidden; Please make sure your protocol (HTTP, HTTPS) is correct,” the server is probably running in HTTP mode. Uncheck
the HTTPS checkbox and try again.
Q.How can I enable the Client Debug log level?
A.In the file client.info, which is located by default in C:\Program Files (x86)\Cisco Systems\Cisco Security Manager Client\jars,
modify the DEBUG_LEVEL parameters to include DEBUG_LEVEL=ALL and then restart the Security Manager client.
Q.
When working with a dual-screen setup, certain windows and popup messages always appear on the primary screen, even when the
Security Manager client is running on the secondary screen. For example, with the client running on the secondary screen,
windows such as the Policy Object Manager always open in the primary screen. Can I fix this?
A.This is a known issue with the way dual-screen support is implemented in certain operating systems. We recommend running the
Security Manager client on the primary screen. You should launch the client after configuring the dual-screen setup.
If a window opens on the other screen, you can move it by pressing Alt+spacebar, followed by M; you can then use the arrow
keys to move the window.
Q.
I cannot install or uninstall any software on a client system. Why?
A.If you run an installation and an uninstallation simultaneously on the client system, even if they are for different applications, you corrupt the client system InstallShield database engine
and are prevented from installing or uninstalling any software. For more information, log in to your Cisco.com account, then
use Bug Toolkit to view CSCsd21722 and CSCsc91430 .