cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1571
Views
0
Helpful
8
Replies

Ciscoworks Archive Management Failures

ckeithjones
Level 1
Level 1

I have multiple 6509's that fail to archive their configurations. 50% of them succeed and the other half fail with this job status:

***   Device Details for 140_6509 ***

Protocol   ==> Unknown / Not Applicable

Selected   Protocols with order ==> SSH

Execution   Result:

CM0151   PRIMARY RUNNING Config fetch failed for 140_6509 Cause: Unable to  enter   ENABLE mode from USER mode Action: Check if protocol is supported by  device   and required device package is installed. Check device credentials.  Increase   timeout value, if required.

All the 6509's are setup identically in CW as far as I am able to determine. I've removed one that was failing from DCR and re-added it but got the same error.

A device credential check shows the ssh enable username is missing...I'm not sure what that is because other 6509's pass with the same set of credentials.

8 Replies 8

jefferyj40
Level 1
Level 1

I would double check all credentials that have failed , one letter wrong and it won't pass. Especially your Enable mode password credentials. If you use a local username that also must be entered into Common Services / Device Management

When I see the " Enable username credential missing" what exactly does that mean? Where would I go to fill in that missing username? I've looked under the credential setting sbut don't see an enable username specifically.

Hi,

Under Common Services, which is the first and only area you should enter

device credentials. CiscoWork will automatically distribute these

credentials to the appropriate modules within the application e.g. RME,

DFM..etc

Jeff

Jeff Johnson

Network Communication CSD

Network Analyst

Sargent & Lundy LLC

55 E. Monroe Street Suite 27V17

Chicago, Ill 60603

Office 312-269-7180

Cell 312-315-6780

From: ckeithjones

To: Jeff Johnson

Date: 03/26/2010 08:03 AM

Subject: New message: "Ciscoworks Archive

Management Failures"

jefferyj40,

A new message was posted in the Discussion thread "Ciscoworks Archive

Management Failures":

https://supportforums.cisco.com/message/3042821#3042821

Author : ckeithjones

Profile : https://supportforums.cisco.com/people/ckeithjones

Message:

Ok, I was just getting there from Device Center. Looking in a failed job log I see this:

"[ Fri Mar 26  10:12:27 EDT 2010 ],DEBUG,[Thread-0],com.cisco.nm.rmeng.util.rmedaa.RMERepository,getAttr,165, Cache for: PRIMARY_ENABLE_USERNAME not available. Getting from System"

When I remove the enable password from the device in Common Services the credential check returns a "No value to test" under Enable by SSH. However when I reenter the password then I get "Enable username credential missing.". But the username is right there and I know it's correct because the plain SSH test passes with "OK(Primary Successful)".

I also see this in the job log "[ Fri Mar 26  10:34:44 EDT 2010 ],DEBUG,[Thread-0],com.cisco.nm.rmeng.util.rmedaa.RMERepository,getAttr,131, Got value for x.x.x.x|PRIMARY_USERNAME Value : ***(masked)"

did you ever find a resolution to this?  I'm experiencing exactly this problem.

thanks

bruce

No. I'm off work this week but next week I'm going to open a TAC case for it.

I've found a work around for this.

if you add the following on your switches, it will no longer prompt for the enable login.

aaa authorization exec default group tacacs+ if-authenticated

Once I added this aaa statement, CW could then login directly to exec mode...

I would think there would be another method for getting cisco works to function without having to add this to every switch, but if you're in a bind and need to get your configs archived, you could use this...

Bruce

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: