LMS : ACS integration Problem

Unanswered Question

I've got lms 2.6 integrated to acs 3.3.

This integration worked correctly for some times. But today, campus data collection doesn't detect new switch present in device discovery. Those switch are present in acs as client and we are using acs to authenticate telnet login.

If i do a report of Devices that are not configured in ACS Report, those switch appears in this report.

There is about 1( switch which are correclty detected by Data Collection.

Does anybody have an idea concerning this problem.

Do i need to renew acs integration.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3 (1 ratings)
Loading.
Joe Clarke Mon, 08/27/2007 - 08:14

Exactly how is the switch configured in ACS? If the switch is in DCR by hostname, but in ACS by IP, then the switch will appear in the devices not in ACS report. The best way to ensure that DCR and ACS are in sync is to put the management IP address in ACS (either explicitly or with a wildcard), and make sure that same address is used in DCR.

If the addresses are lining up, verify that the current CiscoWorks user as well as the System Identity User have access to that device's NDG, then try restarting dmgtd and ACS to see if that fixes the sync.

Hi,

thanks for your help.

Switch are configured in acs like this :

- aaa client hostname : the exact hostname of the switch

- aaa client ip address, the ip address of the switch

- A key

- authentication use Radius (Cisco IOS/PIX)

Switch are in the drc by their ip address. Ip address in dcr and in acs are the same.

We aren't using NDG for the moment, but it is planned.

Today, i realize that if i configure a switch in acs and then i do a data collection, lms don't discover it correctly.

Then if i restart crmdmgtd and then i do a discovery and data collection, then switch are correctly discovered by data collection.

Is this normal. Is it necessary to restart this service every time we want to add new device ?

mnlatif Tue, 08/28/2007 - 04:48

Him

I have found the same result. It seems that CiscoWorks only checks ACS for configured devices when it is started the first time.

After that, if you add a device in CiscoWorks and then define it in ACS , you will still see it under the section "Devices Not Configured in ACS" on the Common Services Home page.

Probably that is why you don't have any rights to perform any tasks on the devices.

After restarting the Ciscoworks Deamon Manager, then devices are synced again and all works.

\\ Naman

Joe Clarke Tue, 08/28/2007 - 10:29

This should not be required. I have ACS 4.0 here, and all I have to do is update my device's NDG with the new device wildcard, log back into LMS, and my new devices are visible. When I remove my new wildcard, logout and log back in, my new devices are gone as well.

The device list is polled each time a user logs in. So assuming you apply your changes (restart ACS), then the new devices should be visible without a restart of dmgtd.

mnlatif Tue, 08/28/2007 - 14:22

You are right..! I never thought of trying Logout\Login of Ciscoworks assuming that it periodically refreshes the list.

Actions

This Discussion