Is there a method to import SBR (local) users into ACS? Perhaps via some intermediate tool? The SBR exports will contain one-way-hashed passwords, so the question is really whether there is any method to import ACS users with these?
If you can export a list of the user accounts you can take the user names and download the import template (CSV) from the ACS user configuration.
What you can do next is build a one-time password so that users will have to enter and set the flag in the import template for the password to expire during the next login.
You can then use the UCP scripts on a web server so that users can change their password, this is the best solution I can suggest.
Also are you username formats the same in Active Directory? You can import the usernames and set the password to use AD or LDAP for password authentication (will need to double-check your version of ACS).
That's very helpful, but one problem is that the authenticating devices are specialised hardware on which the users cannot change their passwords - it has to be done by local administration staff who have the necessary tools. So the question is whether there is any mechanism to use an exported file from Steel Belted Radius, including hashed passwords, which can be imported into ACS?
The passwords are stored directly in the SBR server. I've just had a look at what it's capable of exporting, and it seems I can get the data out in XML format, which I can then manipulate, of course. However, the issue is that the passwords are not exported in plain text. If the password is stored as a hash on the SBR server, you get an MD5 hash in the XML file. If it is stored in "plain text" in the SBR server then the XML export shows the password in encrypted form.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...