Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
758
Views
5
Helpful
2
Replies

ACS upgrade and problems with CW LMS

agipkcolon
Level 1
Level 1

‎11-16-2007 09:46 PM

we have LMS 2.6. AAA mode was ACS. Everything worked perfect till we upgraded the existing ACS Servers from V4.0 to V4.1.

After the updrade was done all the devices went to "Not Authorized" status.

ACS mode enabled and no errors reported. No changes were done to ACS or LMS config.

I need now either fix this problem or change the AAA mode to non-ACS.

Any Ideas?

we have LMS 2.6. AAA mode was ACS. Everything worked perfect till we upgraded the existing ACS Servers from V4.0 to V4.1.

After the updrade was done all the devices went to "Not Authorized" status.

ACS mode enabled and no errors reported. No changes were done to ACS or LMS config.

I need now either fix this problem or change the AAA mode to non-ACS.

Any Ideas?

One more note - if I try to do bulk import of devices from acs I receive this error

Import from ACS failed: Unable to process HTTP request: ERROR:0x0001:Insufficient privilegeUnable to import device group

Labels:
0 Helpful
2 Replies 2

Joe Clarke
Cisco Employee
Cisco Employee

‎11-17-2007 09:16 AM

Turning off ACS mode is easy. Just shutdown Daemon Manager, and run:

NMSROOT/bin/perl NMSROOT/bin/ResetLoginModule.pl

The error you're getting, however, points to a problem with the ACS admin user you configured under your AAA settings in LMS. This user must have full access rights to ACS. The best way to see if this is the case is to go to Administration Control and click on the admin's username. On the next page, ALL boxes must be checked.

There is another caveat, though. If this is an ACS appliance, the appliance administrator cannot be the ACS administrator you specify in LMS. The appliance admin is special, and does not have CGI rights. You can see if the current admin user is the appliance user by going to Administration Control in ACS. The top line will say which user is the appliance admin.

If the current ACS admin user is the appliance admin, create a new admin user, grant that user al ACS rights, and update LMS with the new username and password.

agipkcolon
Level 1
Level 1
In response to Joe Clarke

‎11-19-2007 01:45 AM

THANKS A LOT ! :) you helped me much :)

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents