Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

LMS 3.2 - Problem with inventory of switches using AAA authentication

Hi all,

we want to migrate our network equpiment from local authentication (telnet password, enable password) to AAA authentication (Cisco ACS server - username, password for priv level 15). The network devices are managed with CiscoWorks 3.2 and inventory works fine when device login credentials are telnet password, enable password.

I have configured a switch for testing the authentication to the ACS server, and tested the logon manually. After the successful test I reconfigured the device credentials in CiscoWorks and checked it by a device export with credentials. The credentials in CW were OK, but from this time CiscoWorks could't pull an inventory of the switch any more. Every inventory job failed.

Any help would be appreciated. Thanks a lot.

Regards

fred

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: LMS 3.2 - Problem with *archiving* of switch configs using A

Your prompt is not the default.  Edit NMSROOT/objects/cmf/data/TacacsPrompts.ini.  Set the content to:

USERNAME_PROMPT=username:

PASSWORD_PROMPT=password:

(I am assuming the password prompt is lowercase as well).

Then just re-run your sync archive job.

4 REPLIES
Cisco Employee

Re: LMS 3.2 - Problem with inventory of switches using AAA authe

Inventory collection has nothing to do with the telnet/SSH credentials.  Inventory is fetched using only SNMP.  What error did you get when you ran the new inventory sync?  What type of device did you use for the test?

New Member

Re: LMS 3.2 - Problem with *archiving* of switch configs using A

Joe,

excuse me, I've made a mistake. It's the malfunction of the configuration *archiving* which depends on telnet services. I have included the trace file of the failed CW archiving job. I can see that CW receives the banner and the username prompt, but doesn't send back any telnet credentials. I have also checked the correctness of the device credentials by a DCR export.

fred

Cisco Employee

Re: LMS 3.2 - Problem with *archiving* of switch configs using A

Your prompt is not the default.  Edit NMSROOT/objects/cmf/data/TacacsPrompts.ini.  Set the content to:

USERNAME_PROMPT=username:

PASSWORD_PROMPT=password:

(I am assuming the password prompt is lowercase as well).

Then just re-run your sync archive job.

New Member

Re: LMS 3.2 - Problem with *archiving* of switch configs using A

Joe,

thanks a lot. Problem is solved. I like this forum!

fred

425
Views
0
Helpful
4
Replies
CreatePlease to create content