10-15-2010 03:13 PM
Hello,
I am new to the Cisco and networking world. I recently found out that for compliance reasons we must change the password on all of our devices since an administrator has left. With over 300 devices is there a tool I can run that would be able to update the password on all these devices? Would such a tool or does such a tool exist that would allow me to update the config for logging as well?
My apologies if these questions are extremely obvious and remedial. With my lack of knowledge on the subject I could not think of the right words to even string together an effective google search. The results I received had products like Orion NCM and Kiwi CatTools. I was not sure if these are even trustworthy.
Thank you for any help that can be provided and please again forgive my ignorance.
10-17-2010 03:40 PM
Hi,
Ciscoworls LAN Management Solution (LMS) http://www.cisco.com/en/US/products/ps11200/index.html is the product that would allow you to do this (plus a lot more). There is an evaluation copy that you can download and use for 90 days, but after that you would need to purchase.
Regards
Derek Clothier
10-17-2010 04:22 PM
Why not user RADIUS or TACACS?
10-17-2010 04:57 PM
Hi,
RADIUS & TACACS are just the AAA protocols. You can't use the AAA server to change device configuration. I interpretted your initial question as meaning thatyou needed to change the local login password on all 300+ devices. If your devices are configured to use Radius / TACACS as the authentication protocol, then you would simply need to do a single change on your Radius/Tacacs server to change the password for the particular login acount, or delete the previous administrator login account and set up a new one.
LMS would allow you to update the logging configuration on multiple devices in a single job
Regards
Derek Clothier
10-17-2010 05:37 PM
Mia culpa.
You are right about RADIUS and TACACS not able to change configs on a router. And yes, you are correct LMS 3.x or 4.0 will be best suited for this.
Maybe I should've made myself clearer that instead of changing the username/password on a switch everytime, enabling RADIUS and/or TACACs would've been easier.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide