we are about to deploy some NEXUS 5600 (7.3(0)N1(1)) switches in our detacenter and I am trying to implement automatic configuration backup. On Catalyst we are using kron and archive commands to upload config to ftp server. Now I am trying to achieve the same with EEM.
event manager applet DailySave
event timer cron cron-entry "15 3 * * *"
action 1.0 cli command "copy running-config startup-config"
event manager applet FTPBackup
event cli match "copy running-config startup-config"
action 0.3 syslog msg "Backup started."
action 0.5 cli command "enable"
action 1.0 cli command "copy running-config ftp://user:[email protected]/path/$(SWITCHNAME)_$(TIMESTAMP) vrf default"
action 1.6 syslog msg "Backup ended."
action 2.0 event-default
event manager applet TEST
event cli match "show ip interface brief"
action 1.0 puts "Script begin."
action 1.8 cli command "enable"
action 2.0 cli command "show logging last 5"
action 9.0 puts "Script end."
action 9.9 event-default
The copy command works perfectly fine as long as it is executed interactively from the CLI. The EEM puts actions in the TEST applet work perfectly fine as well. What does not work however are any of the cli actions.
We are using AAA/TACACS+ to do the full AAA. This brings me to the idea that the command authorization does not work correctly. There apparently were ways in Catalyst IOS how to get around this, but these do not seem to be available in NX-OS. Or I just can't find them.
One thing to mention is that in the ACS log I am not seeing any authentication/authorization attempts.
I would welcome any suggestions how to execute the cli commands, thanks.
AAA config for reference:
aaa authentication login default group ACS_Cluster local
aaa authentication login console group ACS_Cluster local
aaa authorization config-commands default group ACS_Cluster local
aaa authorization commands default group ACS_Cluster local
aaa authorization config-commands console group ACS_Cluster local
aaa authorization commands console group ACS_Cluster local
aaa accounting default group ACS_Cluster local