Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

LMS 2.5 and AAA: UT & Campus

Hi

For anybody, who has problems with integrating ACS and CW2k. Until the lates CM - update 4.0.5 there is an error handling the authorization of ut. The ut application always uses the account 'admin' for authorization and not the logged in user-account. The user logged in must have the authorization too (for opening the ut application), but after starting the query only the admin counts... (or you are getting an application error).

It took some minutes to see this.

With the topology i have other problems: Almost every device has the state "Unreachable" - don't know why (about 10 of 850 devices are reachable, but in different groups). The user account i'm using have rights for all devices. Anybody knows ?

regards

Roland

3 REPLIES
Cisco Employee

Re: LMS 2.5 and AAA: UT & Campus

If a device shows as unreachable in the Topology Map, then there was a problem contacting the device during the last Data Collection. Data Collection uses the SNMPv2 read-only community string or v3 username/password in DCR to contact the devices. Verify that these credentials are correct. If DCR has the correct credentials, test a few of the devices from Device Center to make sure you can successfully walk the system table (use the SNMP Walk tool).

If all SNMP verification checks out from the CiscoWorks server, then run another full Campus Manager Data Collection from the Campus Manager > Administration dashboard.

New Member

Re: LMS 2.5 and AAA: UT & Campus

Sorry, I forgot to mention that before switching to ACS-Authorization all 850 devices in Campus was reachable and after switching back to the integrated role model of Ciscoworks all is ok again. This is only a problem of Campus wich ACS-Authorization, RME, Ciscoview and usertracking works fine (config archive, inventory, collecting usertracking-data from the "not reachable" switches ...)

regards

Roland

Silver

Re: LMS 2.5 and AAA: UT & Campus

Hi Roland,

i have an open TAC-Case regarding ACS-LMS integration.

The problem is similiar to yours: CV, RME and CS are working as expected. Only CM in special Topology View does not.

My goal was a setup for different users and each of these users should have priviliges only to a given set of network devices (in ACS called NDG).

Today i am off work but tomorrow i will try to investigate this problem again.

It would be nice if we can discuss this "phenomenon" further on.

I assume you are working in Germany too?

If yes lets have a phonecall or e-mail?!

Best regards,

Frank

112
Views
0
Helpful
3
Replies
CreatePlease to create content