Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Is there a way to bulk delete users in ACS 3.2

I have ACS doing pass-thru authentication to an external database, and we have recently changed our user naming convention from first name + last initial to first initial + last name.

Is there a way to delete users that ACS has created dynamically, other than one by one? Can CSUtil.exe be used to accomplish this task, or is there some other command line procedure?

I don't want to delete ALL the users in the database, there are just a few that I want to remain, but not too many that I am opposed to recreating them if need be.

Any help is appreciated. Thanks in advance.

2 ACCEPTED SOLUTIONS

Accepted Solutions
New Member

Re: Is there a way to bulk delete users in ACS 3.2

I would export all users to a text file. Then Isolate those users, for example in excel, that need to be deleted, after that run the textfile only with names that need to be deleted.

ofcourse back-up first.

net stop csauth

CSUtil.exe -u

cook users.txt

CSUtil.exe -i users.txt

DELETE:John

Cheers

New Member

Re: Is there a way to bulk delete users in ACS 3.2

Did you try consistency checks?

Database issues

http://www.cisco.com/univercd/cc/td/doc/product/access/acs_soft/csacs4nt/acs32/user02/aa.htm#wp304876

Same user appears in multiple groups or duplicate users exist in the CiscoSecure ACS database. Unable to delete user from database.

Clean up the database typing the following command from the command line:

csutil -q -d -n -l dump.txt

5 REPLIES
Silver

Re: Is there a way to bulk delete users in ACS 3.2

Hi

ACS v4.0 has an option for purging externally authenticated users, but on 3.2 the only way is to use an import file with csutil using the DELETE option.

http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_user_guide_chapter09186a0080205a48.html#wp531498

New Member

Re: Is there a way to bulk delete users in ACS 3.2

I would export all users to a text file. Then Isolate those users, for example in excel, that need to be deleted, after that run the textfile only with names that need to be deleted.

ofcourse back-up first.

net stop csauth

CSUtil.exe -u

cook users.txt

CSUtil.exe -i users.txt

DELETE:John

Cheers

New Member

Re: Is there a way to bulk delete users in ACS 3.2

I'd like to thank you both for your assistance. The solution you suggested solved my problem.

I have one more question, however. I have 5 users that I am unable to delete (via the script or GUI). The script says that they are already gone, and the GUI does not provide the 'delete' button on the user configuration screen. I suspect their entries have become corrupted somehow. No matter what I try their entries persist. Any ideas on how to force them out of ACS?

Brian

New Member

Re: Is there a way to bulk delete users in ACS 3.2

Did you try consistency checks?

Database issues

http://www.cisco.com/univercd/cc/td/doc/product/access/acs_soft/csacs4nt/acs32/user02/aa.htm#wp304876

Same user appears in multiple groups or duplicate users exist in the CiscoSecure ACS database. Unable to delete user from database.

Clean up the database typing the following command from the command line:

csutil -q -d -n -l dump.txt

New Member

Re: Is there a way to bulk delete users in ACS 3.2

Thanks again. After reloading the database I was able to delete the affected users. Your help is greatly appreciated.

Brian

274
Views
5
Helpful
5
Replies