Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Ciscoworks Archive Management Failures

I have multiple 6509's that fail to archive their configurations. 50% of them succeed and the other half fail with this job status:

***   Device Details for 140_6509 ***

Protocol   ==> Unknown / Not Applicable

Selected   Protocols with order ==> SSH

Execution   Result:

CM0151   PRIMARY RUNNING Config fetch failed for 140_6509 Cause: Unable to  enter   ENABLE mode from USER mode Action: Check if protocol is supported by  device   and required device package is installed. Check device credentials.  Increase   timeout value, if required.

All the 6509's are setup identically in CW as far as I am able to determine. I've removed one that was failing from DCR and re-added it but got the same error.

A device credential check shows the ssh enable username is missing...I'm not sure what that is because other 6509's pass with the same set of credentials.

New Member

Re: Ciscoworks Archive Management Failures

I would double check all credentials that have failed , one letter wrong and it won't pass. Especially your Enable mode password credentials. If you use a local username that also must be entered into Common Services / Device Management

New Member

Re: Ciscoworks Archive Management Failures

When I see the " Enable username credential missing" what exactly does that mean? Where would I go to fill in that missing username? I've looked under the credential setting sbut don't see an enable username specifically.

New Member

Re: Ciscoworks Archive Management Failures


Under Common Services, which is the first and only area you should enter

device credentials. CiscoWork will automatically distribute these

credentials to the appropriate modules within the application e.g. RME,



Jeff Johnson

Network Communication CSD

Network Analyst

Sargent & Lundy LLC

55 E. Monroe Street Suite 27V17

Chicago, Ill 60603

Office 312-269-7180

Cell 312-315-6780

From: ckeithjones

To: Jeff Johnson

Date: 03/26/2010 08:03 AM

Subject: New message: "Ciscoworks Archive

Management Failures"


A new message was posted in the Discussion thread "Ciscoworks Archive

Management Failures":

Author : ckeithjones

Profile :


New Member

Re: Ciscoworks Archive Management Failures

Ok, I was just getting there from Device Center. Looking in a failed job log I see this:

"[ Fri Mar 26  10:12:27 EDT 2010 ],DEBUG,[Thread-0],,getAttr,165, Cache for: PRIMARY_ENABLE_USERNAME not available. Getting from System"

When I remove the enable password from the device in Common Services the credential check returns a "No value to test" under Enable by SSH. However when I reenter the password then I get "Enable username credential missing.". But the username is right there and I know it's correct because the plain SSH test passes with "OK(Primary Successful)".

New Member

Re: Ciscoworks Archive Management Failures

I also see this in the job log "[ Fri Mar 26  10:34:44 EDT 2010 ],DEBUG,[Thread-0],,getAttr,131, Got value for x.x.x.x|PRIMARY_USERNAME Value : ***(masked)"

New Member

Re: Ciscoworks Archive Management Failures

did you ever find a resolution to this?  I'm experiencing exactly this problem.



New Member

Re: Ciscoworks Archive Management Failures

No. I'm off work this week but next week I'm going to open a TAC case for it.

New Member

Re: Ciscoworks Archive Management Failures

I've found a work around for this.

if you add the following on your switches, it will no longer prompt for the enable login.

aaa authorization exec default group tacacs+ if-authenticated

Once I added this aaa statement, CW could then login directly to exec mode...

I would think there would be another method for getting cisco works to function without having to add this to every switch, but if you're in a bind and need to get your configs archived, you could use this...