Solved: Username problem in Prime LMS 4.1

pvezina · ‎02-21-2012

Hello everyone,

I just installed Cisco Prime LMS 4.1, and now I want the user authentication to integrate with my TACACS server. I try to add my users with the same username as they appear in Tacacs, but in LMS when I try to add a user that has a dot in it, ex: "smith.j" it says that the "." is an invalid character. Is there a way around that, because I don't want to rename every user in Tacacs, plus the fact that I want to integrate Tacacs with LDAP soon.

Thanks a lot for your help.

Patrick Vezina

Technical Advisor

Michel Hegeraat · ‎02-22-2012

There is also a policy for usernames in LMS.

Admin -> System -> User Management -> Local User Policy Setup

That currently says no dot in the name, which I believe is a good thing actually :-)

Check that first.

Cheers,

Michel

View solution in original post

yjdabear · ‎02-21-2012

If your TACACS server is Cisco Secure ACS, you can try to import the users with the CLI utility below directly.

http://www.cisco.com/en/US/docs/net_mgmt/ciscoworks_lan_management_solution/4.1/user/guide/admin/appendixcli.html#wp1064833

Importing Users From ACS

To import users from ACS through CLI, enter the following commands:

•NMSROOT/bin/perl NMSROOT/bin/AddUserCli.pl -importFromAcs Filename Password (on Solaris/Soft Appliance)

•NMSROOT\bin\perl NMSROOT\bin\AddUserCli.pl -importFromAcs Filename Password (on Windows)

where,

•Filename — Ouput of executing CSUtil.exe.

•Password — ACS password which is the default password assigned to all users.

If you're running another TACACS server, you can export the user + pass from that, then import the list with a script built around the "NMSROOT/bin/perl NMSROOT/bin/AddUserCli.pl -add" utility:

http://www.cisco.com/en/US/docs/net_mgmt/ciscoworks_lan_management_solution/4.1/user/guide/admin/appendixcli.html#wp1015980

In either case, hopefully the CLI tools would whine about or acquiesce to the dot in the username.

Michel Hegeraat · ‎02-22-2012