12-22-2010 03:22 PM - edited 03-10-2019 05:40 PM
I am working through the migration from ACS 4.1.4 on Windows Server 2003 to ACS 5.2 on the appliance. I have created the 4.1.4 migration server, installed the software and imported the data from our production ACS 4.1.4 box. I downloaded the migration utility from the 5.2 ACS server and am attempting to run on the 4.1.4 migration server. The question that fails is:
Enter ACS 4.x Server ID:
I do not know what this means and do not see anything on the 4.1.4 server that identifies the Server ID. I try localhost and it does not work and the 4.1.4 server is not registered in DNS or I would try that (and . are not valid characters in the ID so the IP does not work).
How have other people handled this question? Is there something that can identify the local server ID?
12-23-2010 12:32 AM
Hi,
The ACS server id is the hostname of the machine where ACS is running.
It does not need to be necessarily registered on the DNS. Please note that the server id is only to identify the migation data, it is not used for any DNS resolution.
If you go to System Configuration -> Service Control, you will see a header saying " CiscoSecure ACS on 'server_id' ".
Also, please make sure that you are not accessing the migration machine via RDP, as it will not work.
HTH,
Tiago
--
If this helps you and/or answers your question please mark the question as "answered" and/or rate it, so other users can easily find it.
04-15-2014 03:52 PM
Tiago,
Thanks, I am migrating to a ACS 5.5 server and cisco documentation is not the clearest and it took me awhile and a lot of prayer to get to this point. I had the right ACS 4.x server id, but I was accessing via RDP. Much appreciated even after your post 3 years ago.
Robert
04-25-2014 01:50 AM
Hi robert,
We will be planning the migration from 4.2 to 5.5 tomorrow, have gone through all the documents by cisco. Still have some queries like will I be able to change the ip adds of the new 5.5 ACS, how does the data import will happen in 5.5 with migration utility. Lots of confusion ...if u can help me it will be great.
Regards,
Arun
04-25-2014 02:02 AM
You mean the IP address of ACS gigabit interface? If that's what you meant than yes you can change the ip address. You're only migrating the application database from ACS 4.x to ACS 5.5 that includes the items listed in the below table.
ACS Elements that Migration Process Supports
ACS 4.x Element | ACS 5.5 Element |
---|---|
AAA Client/Network Device | Network Device. See AAA Client/Network Device for more information. |
Internal User | Internal User. See Internal User for more information. |
User Defined Fields (within Interface Configuration section) | Identity Attributes/Internal User. See User Group for more information. |
User Group | Identity Group. See User Group for more information. |
Shared Shell Command Authorization Sets | Command Set. See Shared Shell Command Authorization Sets for more information. |
User T+ Shell Exec Attributes | Identity Attributes/Internal User. See User Group for more information. |
Group T+ Shell Exec Attributes | Shell Profile. See User Group Policy Components for more information. |
User T+ Command Authorization Sets | Command Set. See User Group for more information. |
MAC Authentication Bypass (MAB) Addressed | Internal Host Database. See MAC Addresses and Internal Hosts for more information. |
Shared Downloadable Access Control List (DACL) | Downloadable ACL. See Shared DACL Objects for more information. |
EAP-FAST Master keys | EAP-FAST Master keys. See EAP-Fast Master Keys and the Authority ID for more information. |
Shared RADIUS Authorization Components | Authorization Profiles. See Shared RACs for more information. |
Customer Vendor-Specific Attributes | Customer VSAs. See Customer VSAs for more information. |
Max User Sessions | Maximum User Sessions. See Max User Sessions for more information. |
Regards,
Jatin Katyal
*Do rate helpful posts*
04-25-2014 03:27 AM
Hi Jatin,
I have planned activity as follows,
Step 1 Install ACS 5.5 on SNS 3415-K9 ( Ignore if it is pre-installed)------download the migration utility from the same ACS 5.5 web interface or from the DVD provided .
Step 1 Choose System Administration > Downloads > Migration Utility.
The Migration from 4.x page appears.
Step 2 Click Migration application files to download migration.zip, which contains the application files you use to run the Migration Utility.
acs config-web-interface migration enable
Step 2 Install Cisco Secure Access Control Server (4.2.1 with latest patches) for Windows on the migration machine.
Step 3 Back up the ACS 4.2 data on old ACS 4.2.1.-(Same latest patches should be in old ACS4.2.1)
Step 4 Restore the data in the migration machine.
Note that the backed up data needs to accessible from migration machine. Either data can be copied to migration machine or the migration machine needs to be connected in the same network.
Step 5 Run the Analysis and Export phase of the Migration utility on the migration machine.-------While executing the same all the ACS machines needs to be in reachable to each other.
Running the Migration Utility
Step 1 Open a command prompt and change directory to C:\Migration Utility\migration\bin.
You can specify any directory in which to install the Migration Utility. This example uses the Migration Utility as the root directory.
Step 2 At the command prompt, type migration.bat. To run the Migration Utility:
While running the migration tool ensure that all the required details are entered correctly.
Utility can be run multiple times and results can be verified.
Step 6 Import the data from the migration machine to the SNS 3415-K9 that has ACS 5.5 installed
Now my queries 1) I will be connecting all the machines in n/w -so IP has to be in same network, so i will not be able to use the old 4.2 ACS's IP If the same has to be used how the same can be achieved.
2) how exactly the migration utility works as there are no snapshots in document it only talks abt what it will analyse and what will be migrated, my worry is how do i import that validation passed or analysed data to 5.5.
3) While running setup on 3415 appliance what are mandatory fields and what are not.
12-23-2010 05:31 AM
Hello, according to my experience you can write there anything - it will only created subfolder with similar name under migration tool folder.
12-23-2010 07:45 AM
Tiago got it right:
Also, please make sure that you are not accessing the migration machine via RDP, as it will not work.
The process works when using VNC but not with RDP to this virtual server. I think that is stated somewhere in the documentation, but I could not believe RDP would not work.
Thanks for the responses.
12-23-2010 07:52 AM
Hi,
Good!!
Here is the doc:
HTH,
Tiago
--
If this helps you and/or answers your question please mark the question as "answered" and/or rate it, so other users can easily find it.
05-09-2011 11:10 PM
Hi,
I'm doing this process, but with a migration machine on vmware with S.O. W2K8 Stantard SP1. When I enter the option 1 (Analyze and Export), this is the result: "Fatal Error !! - cannot connect to ACS 4.x DB !!"
I have tried running the bat file as:
- Administrator
- Compatibility mode W2K3 SP1
- Compatibility mode Win XP SP2
None of the combinations of the options had worked. Any ideas?
Thank you in advance,
05-09-2011 11:18 PM
Hello, I have very good experience with combination: VirtualBox + Windows Server 2000. It is very simple environment with minimal things which can fail and working like charm.
05-10-2011 12:41 AM
I found this in the log: Could it be a java issue?
5-10-2011 02:27:52 ACS4Connector.checkDBConnectivity(ACS4Connector.java:137)FATAL - Fatal Error !! - cannot connect to ACS 4.x DB !!
java.sql.SQLException: [Sybase][ODBC Driver][Adaptive Server Anywhere]Database server not found
at ianywhere.ml.jdbcodbc.IDriver.makeODBCConnection(Native Method)
at ianywhere.ml.jdbcodbc.IDriver.connect(IDriver.java:354)
at java.sql.DriverManager.getConnection(Unknown Source)
at java.sql.DriverManager.getConnection(Unknown Source)
at com.cisco.nm.acs.mgmt.migration.ACS4Connector.getConnecter(ACS4Connector.java:66)
at com.cisco.nm.acs.mgmt.migration.ACS4Connector.checkDBConnectivity(ACS4Connector.java:133)
at com.cisco.nm.acs.mgmt.migration.MigrationApplicationCLI.runExport(MigrationApplicationCLI.java:605)
at com.cisco.nm.acs.mgmt.migration.MigrationApplicationCLI.main(MigrationApplicationCLI.java:266)
05-11-2011 08:03 PM
Michal thank you for your comment, I tried with Win2K but I had too much trouble dealing with IE6, so I decided to try with a Win2K3 and it finally worked. The exact information of the VM is:
The S.O a.nd java versions tested that didn't work were the following :
I established a VPN to the internal network of the customer from the VM, where the new and old server reside, and there were no issues.
10-04-2011 06:30 AM
you can get the answer on this URL,
05-17-2015 12:20 AM
Hi,
I face one issues on this as well. During run the migration.bat. it keep show this error.
I am currently running on:
ACS version 4.1.1.24, window 2003 standard and jre 1.5.0.
Do you have any idea on the log error below?
i tried download activation and mail also have the same error.
05-15-2015 10:06:23 JavaUtils.isAttachmentSupported(JavaUtils.java:1308) WARN - Unable to find required classes (javax.activation.DataHandler and javax.mail.internet.MimeMultipart). Attachment support is disabled.
05-15-2015 10:08:50 JavaUtils.isAttachmentSupported(JavaUtils.java:1308) WARN - Unable to find required classes (javax.activation.DataHandler and javax.mail.internet.MimeMultipart). Attachment support is disabled.
05-15-2015 10:40:27 JavaUtils.isAttachmentSupported(JavaUtils.java:1308) WARN - Unable to find required classes (javax.activation.DataHandler and javax.mail.internet.MimeMultipart). Attachment support is disabled.
Regards,
Johnson
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: