Integration of LMS 2.6 with Cisco ACS 4.1.3

Answered Question
Dec 14th, 2009

I am trying to integrate  our Ciscoworks LMS 2.6 with the Cisco ACS 4.1.3 and am following the proceedure as mentioned in the URL below.


However after completing the steps as mentioned , I am not able  to login into the Ciscoworks server with the System User ID .


After entering the credentials the authentication screen just stays blank and after sometime I get a message that the Authentication Failed.


I checked the ACS logs but i don;t see any thing in the Failed Attempts logs



I have attached some of the screen shot from my ACS Server.


Can anyone guide what could be the issue.


Regards

Correct Answer by luijimen about 7 years 2 months ago

Hi Yusuf,


The problem should be the Role you are using for the CiscoWorks applications. The link you posted is for LMS 3.0, in which a "Super Admin" account role is created automatically in ACS upon registration.


However, in LMS 2.6, this is not the case. Try the following:


1) Go to ACS > Shared Profile Components, and repeat the following steps for each CiscoWorks application (Common Services, DFM, Campus, etc.)


2-a) Click 'Add' to create a new Role called "SuperAdmin". Make sure to select the main checkbox in each application, so that ALL OPTIONS are checked.

2-b) Click 'Submit' to apply the changes.


3) Next, under Group Setup, select SuperAdmin as the role for all the LMS applications. Submit+Restart if necessary.


4) Make sure that your system identity user is part of the user group modified in the previous step.


This should allow you to login correctly hopefully.


Regards,


Luis.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
yusuf.ujjainwala Mon, 12/14/2009 - 06:05

The only difference I see that in the SHared Profile Components if I go to any of the Cisco works module I am not able to see the Super Admin (in my case it is the ciscoworks_admin) role.


May be that is what is causing the problem I think.


I have attached the screen shot of my implementation

Correct Answer
luijimen Mon, 12/14/2009 - 16:05

Hi Yusuf,


The problem should be the Role you are using for the CiscoWorks applications. The link you posted is for LMS 3.0, in which a "Super Admin" account role is created automatically in ACS upon registration.


However, in LMS 2.6, this is not the case. Try the following:


1) Go to ACS > Shared Profile Components, and repeat the following steps for each CiscoWorks application (Common Services, DFM, Campus, etc.)


2-a) Click 'Add' to create a new Role called "SuperAdmin". Make sure to select the main checkbox in each application, so that ALL OPTIONS are checked.

2-b) Click 'Submit' to apply the changes.


3) Next, under Group Setup, select SuperAdmin as the role for all the LMS applications. Submit+Restart if necessary.


4) Make sure that your system identity user is part of the user group modified in the previous step.


This should allow you to login correctly hopefully.


Regards,


Luis.

yusuf.ujjainwala Mon, 12/14/2009 - 23:39

Thanks for the reply


I followed the steps mentioned still I am not able to login .


I tried trying to telnet on the TACACS (49) port I am able to connect , is there any other thing that I need to check



yusuf.ujjainwala Tue, 12/15/2009 - 23:18

Our problem got resolved , the issue was we were using port 2002 to sync with the ACS rather than TACACS port 49.


Regards

Actions

This Discussion