Unanswered Question
Apr 10th, 2007

Is the idea behind Cisco works that if the initial discovery setup is correct, that all other aspects will use the same discovery database?

It seems that the different moduleas are using a different disovery list, some items are in the campus manager that are not in RME, and the parts lists are not comeplete.

Are these common aspects?

The device reports are not complete, it seems discover is not working correctly.

Is it common to manually add devices or is discovery a better option?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (5 ratings)
richmorrow624 Tue, 04/10/2007 - 06:23

Thanks for the reply:


Common Services 3.0.5

It seems there are devices that were once being inventoried and polled, but they are not any longer.

I cannot add them to RME because I get an error that duplicates are not allowed, but cannot find the device anywhere in the device lists any longer.

I can see that they were once being archived and accessed.

Also, the device lists seem to be different for the differnet modules.

I am also not familiar with this software that does not help, but any ideas?

Joe Clarke Tue, 04/10/2007 - 08:09

Is LMS integrated with ACS? If so, do the devices appear under the Common Services > Device and Credentials > Reports > Devices not in ACS report?

If they do, this could explain all of your problems. For ACS integration to be successful, you must add each device as a TACACS+ client to the same ACS server to which LMS is integrated.

richmorrow624 Tue, 04/10/2007 - 08:23

All devices are already setup for TACACS+ authentication in the ACS server.

As far as I know, the LMS is integrated.

How do I verify this?

Is there any way to check if it is integrated and working?

Joe Clarke Tue, 04/10/2007 - 08:27

As I said, check Common Services > Device and Credentials > Reports > Devices to see if your missing devices show up in that report. Note: they may be clients of the ACS server, but they may not be added using the same IP address and/or hostname that was used when they were added to LMS. If they are listed in the above report, then that's how they need to be found in ACS.

richmorrow624 Tue, 04/10/2007 - 09:28

Ok, they are showing up in that report:

Devices not configured in ACS Report.

What do I need to do to fix this?

I am seeing two differnet dvice lists, one in the above report and a differnent list:

Device List Report.

Are you saing I need to enter the devices in the Not in ACS report to the RME device list?

I need to manually add them?

Joe Clarke Tue, 04/10/2007 - 09:34

You need to add the list of devices not in ACS as network elements in your ACS server. You need to do this under Network Configuration in ACS. Note: only ACS 3.2, 3.3, and 4.0 are supported in LMS 2.6.

richmorrow624 Tue, 04/10/2007 - 11:06

Thank you for the valuable information.

These devices are already in the ACS (ver 3.3)server as network elements.

I am using my ACS account to log into all of the network devices which are using TACACS+ for authentication.

Is it possible the integration is not set up properly?

Are there any documents that describe this?

Joe Clarke Tue, 04/10/2007 - 11:12

See this post:

These procedures were written by TAC, and they are a good "Getting Started" guide for ACS. However, you must make sure that the devices are in ACS by the exact same hostname and/or IP address as seen in the devices not in ACS report.

If this is the case, you may be running into a bug with LMS. The most likely candidate is CSCsh89486.

richmorrow624 Tue, 04/10/2007 - 12:19


Thanks for all of the help.

It does look like the list showing up NOT is actually the ACS device list.

If so, is there a fix?

Can you tell me why there are two differnet device lists?

The one I am seeing in RME and everywhere else is different than the one I am seeing that shows up NOT in ACS (which is actually what looks like what is in ACS, hence maybe the bug), but is the other a list of network discovered devices?

And the other was supposed to be imported?

If not w

Joe Clarke Tue, 04/10/2007 - 12:27

The list of devices not in ACS are devices which are in the Device Credential Repository but not configured in ACS. The list of devices you see in RME are also in DCR, but they are in ACS.

The reason a device shows up the NOT in ACS report, but really is in ACS could be that it is in ACS by a different name or address, he user that you use to login to LMS does not have access to the device in ACS, your System Identity User is not properly configured in ACS (see that previous post), or there is a bug (see the previous post for a potential candidate).

Without knowing more about your ACS integration, I cannot say for certain what the specific problem could be. At this point, you may make more progress by opening a TAC service request. That way, the engineer can get remote access if needed.

richmorrow624 Tue, 04/10/2007 - 15:51

Thanks for the information.

When you say "the user used to log in to LMS" are you talking about my user account I am trying to use the CiscoWorks interface, ot the user account set up to do the polling and information gathering?

Also, is there any block diagram information on how all of this (RME,ACS,DCR,LMS...)integrates and works together?

I am not sure I want to go through the process to re-integration at this time, even though it looks like there are some pieces not done as per the document you sent.

I am afraid I may end up with none of it working.

Joe Clarke Tue, 04/10/2007 - 17:23

I am referring to the user you are using to login to CiscoWorks (i.e. the interactive user or your account). I have not seen any external documents that diagram how the integration works, but certainly it is documented.

I highly recommend you open a TAC service request, as they can make sure everything still works after you correct the missing pieces of your integration.


This Discussion