Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

ACS 4.1 replication issue and full replication

Hi,

how to force a full replication in ACS 4.1 ?

Sometimes, I cannot find some users only in the secondary ACS and the primary ACS doesn't replicate them again (because no changes made on primary ACS).

thank you in advance

rs 

5 REPLIES
Cisco Employee

Re: ACS 4.1 replication issue and full replication

If few users are not getting mapped then these users might be mapped as dynamically users and later on someone might have done some changes under user profile and it started appearing as static users but in actual acs never changes the  flag value of dynamically mapped users.


If they are static users and you didn't change any thing then the only option left to delete and readd the user. It wll work for sure.


ACS replication components.
http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.2/user/guide/SCAdv.html#wp756374

HTH

Jatin



Do rate helpful posts-

~BR Jatin Katyal **Do rate helpful posts**

Re: ACS 4.1 replication issue and full replication

Hi RS,

It seems you are talking about dynamic users (User that are stored in AD). Dynamic users are not replicated and there is no need to worry about. Backup ACS will show those user once they are authenticated by secondary server.


This is how it works


--> USER1-------> Got authenticated via Primary ACS---> This user will show up in user database and further it will not be replicated to secondary ACS, so --> Secondary ACS will not show USER1 in its database.


Now our primary server goes down.


---> User1 tries to login again ---> Will be authenticated via Secondary ACS---> Now you will see this user in its database.


Hope that helps!



Regards,

~JG


Do rate helpful posts





New Member

Re: ACS 4.1 replication issue and full replication

Hi, I agree with you, they would seem dynamic user, imported with unknown ures policy, but they are users with windows password only.

How to see a list of dynamic users only in ACS 4.1 to verify their nature ?

thanks

rs

Cisco Employee

Re: ACS 4.1 replication issue and full replication

When you click on user setup and then list all user. It will show you all the users ACS has authenticated. Users who are labelled with "dynamic" word are called dynamically mapped from AD.


HTH

Jatin


Do rate helpful users-

~BR Jatin Katyal **Do rate helpful posts**
New Member

Re: ACS 4.1 replication issue and full replication

Ok, I confirm you those users were not dynamically imported, but statically defined.

thank you in advance

greatings

rs

370
Views
0
Helpful
5
Replies
CreatePlease to create content