Finally after almost 3 months TAC acknowledge there is a fault!

Started by Dieselboy, February 16, 2016, 08:32:18 PM

Previous topic - Next topic

Dieselboy

Have a problem with Jabber where some random users cannot sign in. Jabber takes the credentials from the laptop and uses those so there is no actual user intervention. The authentication mechanism is SAML SSO on a Windows Server IDP.
Finally this morning after sending some stern emails from the back end of last week with explanations and reasoning as to why TAC and BU (what is "BU"?) are wrong in their finger pointing at non-vendor stuff. I get this:
Quote
...there are few steps which Jabber is not doing correctly and are questionable

Initially I had this set up on Windows Server 2012 IDP however this is an unsupported IDP. The supported IDP is the going EOL Windows Server 2008 which is ridiculous. Had to spend a day or so setting up Server 2008 only to get the same issues.

I cannot state how happy I am that at last I'm no longer being told I am wrong.

The saga continues...

icecream-guy

:professorcat:

My Moral Fibers have been cut.

deanwebb

Goes with this joke:

How many Cisco TAC engineers does it take to change a lightbulb?

Great question, I'll take it back to the BU.
Take a baseball bat and trash all the routers, shout out "IT'S A NETWORK PROBLEM NOW, SUCKERS!" and then peel out of the parking lot in your Ferrari.
"The world could perish if people only worked on things that were easy to handle." -- Vladimir Savchenko
Вопросы есть? Вопросов нет! | BCEB: Belkin Certified Expert Baffler | "Plan B is Plan A with an element of panic." -- John Clarke
Accounting is architecture, remember that!
Air gaps are high-latency Internet connections.

srg

Quote from: deanwebb on February 17, 2016, 09:41:19 AM
Goes with this joke:

How many Cisco TAC engineers does it take to change a lightbulb?

Great question, I'll take it back to the BU.
It's funny 'cause it's true :\
som om sinnet hade svartnat för evigt.

Dieselboy

Well, the good news is that when TAC have emailed me the logs where our IDP fails to authorise the user / jabber client; and TAC saying the IDP is misconfigured or not working properly. But in fact the logs are showing jabber using the wrong username, and so I stated this to them last Thursday a week ago. So I know what the problem is.

But the bad news is TAC contacted me this morning and stated that the jabber client is not doing service discovery and cannot contact the jabber remote acces servers so they think it's an issue on the laptops relating to sleep. This is obviously not the case as I've looked at the logs myself and can see connections going out and using the wrong username.

Does anyone have a large wall I can bang my head on?  :squint: A pebble-dashed one might be a good choice.

Is there a way of escalating it past the BU? I don't really want to involve our account manager if I can help it. She does enough for us already. 

icecream-guy

Quote from: Dieselboy on February 17, 2016, 10:58:35 PM
Well, the good news is that when TAC have emailed me the logs where our IDP fails to authorise the user / jabber client; and TAC saying the IDP is misconfigured or not working properly. But in fact the logs are showing jabber using the wrong username, and so I stated this to them last Thursday a week ago. So I know what the problem is.

But the bad news is TAC contacted me this morning and stated that the jabber client is not doing service discovery and cannot contact the jabber remote acces servers so they think it's an issue on the laptops relating to sleep. This is obviously not the case as I've looked at the logs myself and can see connections going out and using the wrong username.

Does anyone have a large wall I can bang my head on?  :squint: A pebble-dashed one might be a good choice.

Is there a way of escalating it past the BU? I don't really want to involve our account manager if I can help it. She does enough for us already.

Personally, I would escalate through my HTOM, but that's not an option for most.
:professorcat:

My Moral Fibers have been cut.

Dieselboy

That's probably not an option for me as I don't know what HTOM is. What is it? :)
This morning we had the case pulled back to the guys in Sydney and escalated to the Jabber BU rather than the VCS BU which we were getting nowhere with.

icecream-guy

Quote from: Dieselboy on February 19, 2016, 01:55:05 AM
That's probably not an option for me as I don't know what HTOM is. What is it? :)

High-Touch Operations Manager

Cisco personalized service above SmartNet to help manage your TAC cases

"The Cisco High Touch Operations Management Service delivers personalized support from a Cisco operations
manager who helps improve the operational proficiency, productivity, and efficiency of your IT staff and Cisco
network. With your Cisco operations manager focusing on the ongoing management of your network support
issues, your staff can focus on your core business requirements."

if you want the full low down.
https://www.cisco.com/en/US/services/ps2827/ps2567/data_sheet_htom.pdf

BTW: It ain't cheap.

so basically, if the guy working your TAC case sucks or is unresponsive, your HTOM kicks them in the A$$.
:professorcat:

My Moral Fibers have been cut.