The Ricoh version can be seen on the configuration page. When you perform these operations from the secondary server, it affects only the secondary server. The LSA Server service, which both enforces security policies and acts as the security package manager for the LSA. If the user name is not recognized, the KDC passes an internal error message to the SSPI. The TSK is distributed by the home domain to the visited domain, and in particular by the AAAh to the AAAv. In large environments this would be unacceptable. The Diagnostic Tools tab displays the list of all available tests that you can run on ACS to check Active Directory domain functions. Alert user name or secure channel communications through a problem on all the sites.