Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
933
Views
0
Helpful
2
Replies

DCR Master/Slave recommendation

tony-jordan
Level 1
Level 1

‎06-05-2007 02:54 AM

I have 2 sites that are going to be using LMS (2.5.1 at the moment). Site 1 LMS is already up but still awaiting for site 2 to be done. Would you reecommend DCR master/slave as opposed two standalone setups working as active-active?

When I was on a TAC call I asked out of interest and he said that Cisco does not support the DCR master/slave setup and if the master goes down you have to manually setup the slave to make it a master.

Will be using ACS on both sites installed on the LMS servers.

Any sugestions would be appreciated.

Labels:
0 Helpful
2 Replies 2

boldizsar.nagy
Level 1
Level 1

‎06-05-2007 03:08 AM

As i know ACS, and LMS on the same machine is not supported by Cisco. Also I do not recommend ACS integration even with ACS installed on separate machines at all. I got lots of trouble setting up ACS integration at our customer.

Some issues:

-Registering modules in ACS via HTTPS is not working. LMS still tries to connect ACS via HTTP. Must register from CLI

-In RME some scheduled jobs (config/inv. coll, poll) are not running. "user has now privilege to run this job"

-Modified groups in ACS. After nearly all devices in LMS appeared as "not managed in ACS". After LMS reboot everything was fine...

0 Helpful

Joe Clarke
Cisco Employee
Cisco Employee

‎06-05-2007 04:16 AM

I am really surprised someone in TAC told you we don't support DCR master/slave. That's just plain wrong. DCR master/slave is 100% supported, and would be a good thing to do here provided you want to share the same device and credentials list on both servers. However, with two different ACS servers, a master/slave configuration may not be what you're going for.

If you integrate LMS with ACS, you really want all LMS servers to point to the same ACS server (or cluster of ACS servers) as each LMS-managed device must be in the same ACS server with which LMS is integrated. Now, if both of these ACS servers will be synced to each other, then DCR master/slave is back on the table. In that case, you should also consider configuring Single Sign-On master/slave across both servers.

But, as has already been said, do NOT install ACS and LMS together. This configuration will cause serious performance problems, and integration may outright fail. This is on top of the inherent security risks incurred by mixing NMS with your network admission system.

0 Helpful
Customers Also Viewed These Support Documents