I have updated LMS 2.6 to 3.0, but I have a problem with implementing LMS 3.0 in ACS 3.3 (1) Build 16.
For all User there is not the correct privileges for all applications.
In ACS I've build a AAA Client (LMS-Srv)and gives Group/User "System Administration" rights for all applications.
In LMS "AAA Mode Setup" I configured Tacacs-Server address/port, register all installed applications and so on. After "Apply" the popup displays: Tacacs+, HTTP/HTTPS, AAA Clinet configured, Secret Key Verification -> all successed/configured. But on "System Identification User" displays: Not configured properly for -(rme, CM, dfm, cwportal, ipm). The System ID User is in Tacacs a Superuser.
In ACS I can see that all application are registered, but in User or Group Setup there is for all application two Intems e.g. cwhp and Cisco Works, CM and Cisco Campus Manager, rme and Ressource Manager Essentials, cwportal and Cisco Works Portal and so on.
I don't know is it correct or is it just the registration of old LMS 2.6 ???? But the problem is the privileges of users. in Tacacs-log I can see "Login in cwhp with privilege level 1". How can I change the privilege level for Cisco Works Applications in 15 or "System Administrator".
In LMS 3.0 we create a new ACS role called Super Admin (for all applications). Assuming application registration completed successfully, you should see the Super Admin role under all LMS applications. The list of applications you should have under Shared Profile Components is:
Ciscoworks Common Services
Resource Manager Essentials
Ciscoworks Campus Manager
Device Fault Manager
Internetwork Performance Monitor
And as I said, each one should have a Super Admin role within it.
Once you have all the new attributes registered with ACS, configure your System Identity User's ACS group such that its CiscoWorks applications (all of the ones listed above) are granted Super Admin access. Once that is done, you should be able to complete registration.
[toc:faq]The ProblemOn traditional switches whenever we have a trunk
interface we use the VLAN tag to demultiplex the VLANs. The switch needs
to determine which MAC Address table to look in for a forwarding
decision. To do this we require the switch to do...
[toc:faq]Introduction:Netdr is a tool available on a RSP720, Sup720 or
Sup32 that allows one to capture packets on the RP or SP inband. The
netdr command can be used to capture both Tx and Rx packets in the
software switching path. This is not a substitut...
IntroductionOSPF, being a link-state protocol, allows for every router
in the network to know of every link and OSPF speaker in the entire
network. From this picture each router independently runs the Shortest
Path First (SPF) algorithm to determine the b...