AAA/Identity/Nac :: Add User (mac-addresses) To ACS 4.2 Via RDBMS With CSV File?
Mar 23, 2011
I would like to add user (mac-addresses) to the ACS4.2 via RDBMS with a .csv file. How can I simultaneously add supplimentary user infos, like Real Name and Description ?
View 3 Replies
ADVERTISEMENT
Sep 22, 2011
We are running ACS 5.2 patch 6 and want to restrict access for users to be able to add devices to the system.For example, admin person in site A can only add devices into the site A group and cannot see/access other sites groups.
View 1 Replies
View Related
Mar 5, 2011
I run a home private server on Centos 5.5 I believe. A while ago, a surge destroyed a different computer with pictures on it that my parents would like to access. The hard drive itself is just fine, and I've backed up those files on an external hard drive. What I would like to do is allow my parents to access them through Samba. Samba has already been in long time use, but it is configured to only allow access in a jail inside each user's home folder on the root hard drive. I have a suitable hard drive already formatted and mounted that can fit all the pictures that they wish to have access too. What I'd like to do, is change the path that one of my users use to the mounted hard drive.
View 3 Replies
View Related
Apr 16, 2012
I have a solution of thre ACS.. one primary and two secondaries. My customer report me that in port of the switch where is connected the ACS show two mac address. [code]
View 1 Replies
View Related
Jan 2, 2012
Having problem locating why when a user logs on to their profile, their personal network drive shows everyones personal drive file and they have acces to all files.This is a major security concern as uppper management files are then accessable.It is random, may not always be displayed, or always occur on the same user.The User drive normally displays.
joed on \serverusers$ (H:)
When this takes place the users name is replaced with just Users Users on \serverusers$ (H:) (This can sometimes change to Z drive)
This then exposes all user drives.This does not run from a script but is used in AD under the profile drive letter. Have tried to:Rebuild profile in Active Directory. (New Profile)Re Build user profile on workstation>Rebuild Operating system on Workstation.Change drive on the user profile in AD letter H to Z.Have also tried on a different workstation.
View 1 Replies
View Related
Dec 8, 2011
I imagine I can use the framed-ip-address attribute to assign ip-addresses but there seem to be support for static ip addresses only?A bit of a drag when we're talking 200+ nodes.
View 1 Replies
View Related
Apr 26, 2011
I have my SSL server certficate on my old acs 3.3.along with private key file , How i can export this private file with .pem extension from windows 2000 server , This private key file is not identified under certificate mmc console , Because my acs application is being installed on a separate hardisk partition under D drive .
file path : d:Certificates�h02cacsw02.pem
how i can export this.pem from that particular folder
View 4 Replies
View Related
Sep 13, 2012
how do i set limit on the log file size in ACS 5.3. I had the same issue with Nexus 1000v but there is a command that enables you to set log file nane and size. it is getting bulky.
View 7 Replies
View Related
Jun 16, 2011
Is there a way where I can just export the clients from one server and restore them onto another?
Is tehre maybe a way to convert the dmp file to another format, like csv, then modifying it and converting back to dmp?
View 3 Replies
View Related
Jan 20, 2013
I had ACS 5.2 ( Evalution License ) setup installed on VMware with patch 11 when I try to restore earlier backup of ACS gives me error "Cannot find acsbackup_instance.log in the backup file"
I am using Filezilla FTP sever for backup transfer.
View 5 Replies
View Related
Sep 1, 2011
I am trying to setup up a rule to allow wireless access only to users in my AD when they use computers from my AD.I have Machine authentication working on it's own (computer boots up and connects to wireless - confrimed by ACS logs) I have User authentication working But when I try to creat the floowing rule:it does not work.
Access Policy
Access Service:
Default Network Access Identity Store:
AD1
Authorization Profiles:
DenyAccess
Exception Authorization Profiles:
Active Directory Domain:
[code]....
Everything seem to fine until it gets to the last rule.
View 1 Replies
View Related
Oct 11, 2011
I use ACS appliance 1120 for cisco devices administration. The identity store is external. I use Active directory. Actually, Authentication, authorization and accounting work well but users can not change theirs Active directory password when they have expired. Do you now how to configure ACS to permit password changing?
View 5 Replies
View Related
Apr 5, 2011
We are running two ACS appliances but we cannot figure out how we can add a user into 2 differents groups.Here's the context :We have a company A which is having devices, this company uses Group A.then we have a company B which is having devices, this company uses Group B.But the admin has to manage the devices for both companies A & B.We don't want to mix devices from company A with company B.Is there a way to add the user into both groups A & B.
View 5 Replies
View Related
May 8, 2012
we have created some administration accounts which should only have the possibility to work on the user database. the useradmin role is to limited to create a user and set a fixed password only, but not able to enable the users authentication against a predefined external identity store. Other roles which makes this possible are far to powerful for a second level adminstrator.The adminstrator should have the possibility the create an user and set the password check against an external database. This is not possible with the predefine role "UserAdmin". Other roles do have to many rights for these users.
View 4 Replies
View Related
Jan 5, 2013
what is the maximum user IDs that I can create to the ACS server? The client have an ACS appliance with version 5.2.
View 2 Replies
View Related
Jan 31, 2012
I continue to export a Certificate Signing Request for our local CA. They insist they are getting a parsing error (Invalid algorithm specified) when they cut and past or import the file I send them. In fact, they have stated that they have had this error with another Linux-based CSR.
I'm not find this issue prevalent on the Internet, so I wonder is this if a user issue on their behalf or the fact that they are using a Win2003 box as a local CA.
How to get a Cisco ACS ".pem" file signed in a local Win2003 CA or advise to an alternative to configuring 802.1x using EAP-TLS?
View 3 Replies
View Related
Mar 3, 2011
I have successfully installed the 5.0.21.9 patch and ADE-OS 1.2 update but when I attempt the 5.1 install via "app install ACS_5.1.0.44.tar.gz local" I get the error "Manifest file not found in the bundle."
Here is a debug of the install:
HOST/admin# app install ACS_5.1.0.44.tar.gz local Do you want to save the current configuration ? (yes/no) [yes] ? Generating configuration...Saved the running configuration to startup successfully6 [30662]: application:install cars_install.c[195]
[Code].....
I created the repository by TFTPing the file to disk:/Upgrade and pointing a repository to disk:/Upgrade. I verified the checksum of the file as it sits on my TFTP server and also manually extracted the file to verify the manifest.xml file is actually there.
View 5 Replies
View Related
Sep 19, 2011
have a ACS 5.2 version installed on Vmware . I purchased below liscense
Product Name : L-CSACS-5-LRG-LIC=
Product Description : L-CSACS-5-LRG-LIC= : ACS 5 Large Deployment License (Electronic Delivery)
When i am trying to upgrade the liscense i am getting an Error " Liscense file installation failed : The liscense file must contain single base liscense "
View 2 Replies
View Related
Sep 26, 2011
We have configured ACS 5.1 for autenticating wireless users with active directory, which is working fine now.But we would like implement that single user should be authenticated through ACS . If any user try to access WLAN from multi system will be notified with multi login access restriction.Can we implement this policy in acs, if possible what are the exact configuration changes we have to implement.
View 1 Replies
View Related
Apr 30, 2013
I am looking for the way how to disagle logging of one user. We are using one testing user for checking accesibility of ACS from large number of switches - this checking exhausting logs quite quickly. Is it possible to disable logging of such user?
View 2 Replies
View Related
Dec 28, 2011
We have cross domain trust relationship established and I have added the user group in our ACS 5.1. we are using Active directory as an external Identity store. Also I have created a rule in the 'Access polices' to allow the user group. From the cross domain, I use abc@xxx.xyz as a user id, but I get this error message 13036 Selected Shell Profile is DenyAccess.
View 3 Replies
View Related
Nov 16, 2006
I Need to create more options on Cisco ACS 5.2 under internal identity store in users. How to do add, default not showing all.
View 6 Replies
View Related
May 27, 2012
I Need to create more options on Cisco ACS 5.2 under internal identity store in users. How to do add, default not showing all.i have seen on internet.
View 1 Replies
View Related
Jul 26, 2011
We are using ACS 5.1 in our network. We have created users and grouped them as per the requirements. We want to restrict the user sessions in the network. A user should authenticate and able to access a network resource. But when he is active with that session, we need to block him from another successful authentication. We want to avoid multiple users using same user credentials for logging into the devices. whether this can be achieved by making configuration changes in ACS.
View 2 Replies
View Related
Jun 12, 2011
I have ACS 5.1.I have created the Identity Group 'Admin' and added 2 users in that, say User1 and User2.How do I permit only User1 to get authenticated when he logins in to the device?There is option to select 'UserName' while creating Service Access Policy , but I have observed that though I have mentioned only User1 in the rule, User2 is also getting permitted
View 1 Replies
View Related
Mar 29, 2013
i have cisco ACS 5.2 and want to create user account for technician, with only certain commands.
View 3 Replies
View Related
Mar 7, 2012
On the ACS ver5, there is a "User Change Password" feature. When i click the UCP WSDL, it gives me a page with WSDL language. how is it supposed to be installed? does it copy or install to any web server
View 1 Replies
View Related
Apr 28, 2011
My company's security group uses Tripwire to monitor for changes in start-config and running-config on network devices in PCI scope. We are migrating from ACS v4.2 to v5.2. I need to create the account for Tripwire on the ACS Appliance but did not want to assign the admin role which would give access to configure terminal. The user role does not have privileges for show start-config or show running-config. Am I missing something or are these the only 2 roles available at the CLI? Can another rolle be added?
View 1 Replies
View Related
Nov 12, 2012
I want to have a local user in ACS that is permitted to login to routers. I have TACACS with AD already working but cannot get a local user to work. I used to do this in ACS 4.x.I created a user in the internal identity store.I tried configuring a policy to allow this users TACACS authentication multiple ways to no avail. I cannot find a config example doc and cannot figure it out from the user guide as the documention is sorely lacking.
View 5 Replies
View Related
Jun 25, 2012
on the acs 5.2 , how to delete specific log for user X, ?
View 3 Replies
View Related
Feb 18, 2013
So we have this problem that just started, I can replicate the issue as well, if a user makes a mistake on typing there password after 1 attempt ACS sends 3 to AD locking out the user.
In a putty or secureCRT session after 1 password failed attempt, I am unable to retry with that same session.
The issue seems to be that after 1 bad password attempt, from the client side I am unable to get another try.
View 1 Replies
View Related
Sep 12, 2012
We are using ACS 4.2.1.15 with patch 8 on ACS 1113 SE box.
Our requirement is to assign ACS loal group to user on basis of windows Nt group. Which means I dont wants to create individual users in ACS rather when user will login, the auth request will be forwarded to AD(remote database). Depeneding on the remote database group the user should be mapped to local database.
For this I have configured "database group mapping" according to following cisco guide. [URL]
However when ever my AD users are authenticating they are getting the membership of default group as configured in "Default" profile. I am using TACACS+ protocol in my routers and switches for authentication.
whether "Group mapping by External user database" works with TACACS+ or only with RADIUS protocol. If it works with TACACS+ what else configuration need to be done so that my ACS can map users to proper groups instead of default group.
View 4 Replies
View Related
Dec 22, 2009
Just upgraded from 4.0 - to 4.2 then to 4.2.1 15. As you may have seen with periovous posts of mine its not been an esay ride.I have now managed to get it all working - backups AAA etc but for some reason i cannot get the replication to work! Its states the following...
Within the Database Replication active log - Error OutBound database replication failed - refer to CSAuth log file.Other lines in the log state its ok eg - Component logging reports was updated - being replicated to slave...
Please note that the $ is a symbol that i have used because the symbol in the log is strange and i cannot seem to be able replicate here with this text, for example $etworks - should be networks.
View 4 Replies
View Related
