Why is information on CRSAdminUtil.exe not eaisly found ?

Unanswered Question
Jul 26th, 2008

I am running UCCX 5.0(1) against CM 6.1.2

If I change the CM admin password, I believe the only way I can get the AXL provider on UCCX to communicate with CM so that I can log into /appadmin, is to have the AXL password in SYNC with the CCMAdministrator password ..

If that is the case, then WHY is there not much mention in the admin guide of the utility called

"C:\Program Files\Cisco\bin\CRSAdminUtilGUI.exe" ???

There is some mention in the 6.0 docs for UCCX and I believe in the earlier 4.0 docs.

But it seems to be totally sidestepped in 5.0(1) Admin Guide.

Is there some other way that these passwords would get synced if I dont do them manually ???

Thanks

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3.5 (2 ratings)
Loading.
shahedvoicerite Sat, 07/26/2008 - 13:30

Hi Rob,

Yes I did read that before posting :-)

It only mentions CRSAdministrator and NOT

CCMAdministrator which is used for AXL.

I changed my CCMAdministrator password, and got locked out of CRS !!

I tried running the AdminUtil.exe -u CCMService, but got an error 997

There is NO CCMService user in 5.0(1)

The ONLY way I know how to keep the passwords in sync are

1. Change them on CRS before changing them on CCM (which seems dumb)

2. Delete the xml file under the clusterdata directory (whgich worked for me) / or by running cet.bat (which I believe would do the same thing, but its not documented)

I cannot believe that keeping the passwords in sync would be such a big issue !!!

Thanks

Chad Stachowicz Sat, 07/26/2008 - 13:33

It not a big issue! Best practice is to create a seperate user on CCM, and give it the proper role for AXL, or if your lazy make it a superuser! Then use this as the integration, and never change the password, and tell no one about it.

HTH,

Chad

shahedvoicerite Sat, 07/26/2008 - 13:41

Never change the password ??

You MUST be joking :-)

Various security policies require us to change passwords at regular intervals. This also applies to "Application passwords"

The security team is independent of the app team, and they audit the username / password combinations.

Yes, I agree with what you say 100%.

But I dont think everyone can afford to do that.

Besides AXL is very sensetive user, since it can change all config on the CM and is effectively a Superuser anyway !!!!!!!!!!!!!!!

(AFAIK)

Thanks

Chad Stachowicz Sat, 07/26/2008 - 13:45

Then change it smartly! First change it on the UCCX side through the GUI, then change it on the CCM Side, so you don't lock yourself out..

Chad

shahedvoicerite Sun, 07/27/2008 - 02:04

Thanks Chad,

I did point that out as option (1) in my post above.

But I think its not the best way.

Anyhow.. even doing this is not clearly mentioned in the Docs !!

Which Cisco would be a bit clearer.

Thanks

Actions

This Discussion