Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
887
Views
0
Helpful
4
Replies

LMS 3.2 - Problem with inventory of switches using AAA authentication

Go to solution
alfred.brunner
Level 1
Level 1

‎05-10-2010 05:58 AM

Hi all,

we want to migrate our network equpiment from local authentication (telnet password, enable password) to AAA authentication (Cisco ACS server - username, password for priv level 15). The network devices are managed with CiscoWorks 3.2 and inventory works fine when device login credentials are telnet password, enable password.

I have configured a switch for testing the authentication to the ACS server, and tested the logon manually. After the successful test I reconfigured the device credentials in CiscoWorks and checked it by a device export with credentials. The credentials in CW were OK, but from this time CiscoWorks could't pull an inventory of the switch any more. Every inventory job failed.

Any help would be appreciated. Thanks a lot.

Regards

fred

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Joe Clarke
Cisco Employee
Cisco Employee
In response to alfred.brunner

‎05-11-2010 02:43 PM

Your prompt is not the default.  Edit NMSROOT/objects/cmf/data/TacacsPrompts.ini.  Set the content to:

USERNAME_PROMPT=username:

PASSWORD_PROMPT=password:

(I am assuming the password prompt is lowercase as well).

Then just re-run your sync archive job.

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Joe Clarke
Cisco Employee
Cisco Employee

‎05-10-2010 10:32 PM

Inventory collection has nothing to do with the telnet/SSH credentials.  Inventory is fetched using only SNMP.  What error did you get when you ran the new inventory sync?  What type of device did you use for the test?

0 Helpful

Go to solution
alfred.brunner
Level 1
Level 1
In response to Joe Clarke

‎05-11-2010 12:18 AM

Joe,

excuse me, I've made a mistake. It's the malfunction of the configuration *archiving* which depends on telnet services. I have included the trace file of the failed CW archiving job. I can see that CW receives the banner and the username prompt, but doesn't send back any telnet credentials. I have also checked the correctness of the device credentials by a DCR export.

fred

64390-cw-telnet.cap.zip
0 Helpful

Go to solution
Joe Clarke
Cisco Employee
Cisco Employee
In response to alfred.brunner

‎05-11-2010 02:43 PM

Your prompt is not the default.  Edit NMSROOT/objects/cmf/data/TacacsPrompts.ini.  Set the content to:

USERNAME_PROMPT=username:

PASSWORD_PROMPT=password:

(I am assuming the password prompt is lowercase as well).

Then just re-run your sync archive job.

0 Helpful

Go to solution
alfred.brunner
Level 1
Level 1
In response to Joe Clarke

‎05-11-2010 11:00 PM

Joe,

thanks a lot. Problem is solved. I like this forum!

fred

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents