Cisco AAA/Identity/Nac :: ACS 5.3 User Creation Deletion Reports

Apr 11, 2012

I could not find any report in ACS 5.3 which gives details on user creation and deletion in ACS. This feature was there in ACS 4.x but it seems not provided in 5.3 version.

View 3 Replies


ADVERTISEMENT

Linksys Wireless Router :: WRT610N Storage Link User / Group Creation?

Dec 30, 2008

I just got the WRT610N and I really like it so far, I'm playing with the NAS option and I can't get it to create any new users or groups. I click on the link, fill out the form and click on 'modify user' (The set-up guide has a button there for 'save settings') and nothing gets created. I tried this several times and there are no new groups or users. I checked the storage.info file and there is no additional users or groups there either. I think I can edit that file but I'm not too sure what these last 2 lines mean
 
nas_login@admin:admin:admin: off guest:guest:guest: onusers_content@admin:admin:admin:admin: off guest:guest:guest:guest: on

View 8 Replies View Related

Cisco AAA/Identity/Nac :: ACS 5.3 Reports Required

Jul 2, 2012

I have modified my radius accounting reports using "interactive viewer"  and saved successfully but the exported report doesn't reflect these changes. I'm just wondering what's the point of being able to modify the reports if you can't export your changes or there is something I'm missing?

View 3 Replies View Related

Cisco AAA/Identity/Nac :: ACS 5.2 - Monitoring And Reports?

Apr 3, 2012

We're currently running on ACS 5.2.0.26.9 with 2 appliances (one primary and one secondary).Today, I wanted to get some reports from the Monitoring and Reports tool. At beginning, it seemed impossible to generate them. Later, I decided to reload first primary and then secondary. As soon as I've done it, I got an email alert telling me that it failed parsing NAD.

Cisco Secure ACS -   Alarm Notification
Severity: Critical 
Alarm Name
System Alarm [Collector]
Cause/Trigger

[code]....
 
I don't really find where I can find the Collector log...Anyway now when I generate a 30 days report, I only get data up to 23.03.2012. Nothing recent !

View 7 Replies View Related

AAA/Identity/Nac :: ACS 5.2 Creation Of Network Admin Policy For Nx-os Devices?

May 28, 2012

i have acs 5.2 i need to create a network admin policy to our nx-os devices such as nexus switches, how this will be done on acs 5.2?

View 0 Replies View Related

Cisco AAA/Identity/Nac :: Automatically Email Reports From ACS 5.3?

Jul 7, 2012

Is there a way I can get the ACS (5.3) to email some of it's reports on a schedule?I'm hoping to send automated summaries of failed logins to the service desk each Monday morning.

View 3 Replies View Related

Cisco AAA/Identity/Nac :: ACS 5.0.0.21 Monitoring And Reports Database?

Jun 16, 2010

Just installed ACS 5.0.0.21.  Monitoring and reports database was working, but now is not.  When trying to open, I get "Monitoring and reports database currently unavailable.  Trying reconnect in 5 minutes."    From CLI "sho application status acs" gives me the following:
 
ACS role: PRIMARY
Process 'database'                  runningProcess 'management'                runningProcess 'runtime'                   runningProcess 'adclient'                  runningProcess 'view-database'             runningProcess 'view-collector'            runningProcess 'view-jobmanager'           runningProcess 'view-alertmanager'         running
 
Also, logs show nothing unusual.

View 6 Replies View Related

Cisco AAA/Identity/Nac :: ACS 5 Favorite Reports And Sharing

Feb 21, 2013

Is there a way to configure a favorite report and share it to all all ACS administrators?

View 1 Replies View Related

AAA/Identity/Nac :: ACS 5.2 Using AD To Manage Network Device Admin Policy Creation

May 22, 2012

we managed to integrate our newly setup ACS 5.2 to our regional domain.  now im creating a Device Admin access Policy for Regional Network Admin group and Regional Network Operators group. each having full  and read access respectively. 
 
i already have the default  identity policy and authorization policy with with command sets  fullaccess and showonly for each group, now i dont know how can i match the AD group regionaladm and regionalops so that  each user falls under one of these groups will have a correct  read/write access.

View 4 Replies View Related

Cisco Switching/Routing :: 4500 Switch Reports Ports As 10 / Full While Other Side Reports 100

Oct 31, 2011

we have a 4510r-e running  12.2(50)SG1 w/ various rj45 line cards and a 24 port glc card.at any given time, i see 10's of ports in 10/full.i go to the station, and find the station in 100/full or 1000/full.

i go to the switch w/ my fluke, connect it directly to the switch w/o any intermediate infrastructure except a 50cm cat6 patch cable.the fluke reports 1000/full, but THE SWITCH PORT REPORTS STILL 10/FULL.all ports are config'd 'speed auto'  and 'duplex auto'.
 
the switch  seems to be erroneously reporting 10/full.there are no errors logged on any of the ports and there is successful communications even when the station and switch port report different speeds.even though there are no errors logged nor reported  by 'show int [port]' nor 'sho int count error' certain killer applications crash on some stations. (the applications are GHOST (which dumps disk images from a server to multiple stations) and NETOP (which i sused in a classroom to transmit an instructors screen to a room full of stations)  both of which broadcast and/or multicast.all nodes involved in the above 2 applics are on the same vlan and same phyiscal subnet.

the ports which report 10/full vary and occur even when the above applics are not in use.the only way i found to clear this 10/full report is by either a hardware reset of the entire module or by unplugging the cable, the execute on the port shutdown, speed auto, no shutdown, reconnect cable.then it's just a matter of time until it pops back to 10/full in a few minutes,hours or days.
 
how to address the killer applic problems besides restructuring the whole net by defining separate vlan for each lab of 20 or so stations?

View 7 Replies View Related

Cisco AAA/Identity/Nac :: Windows Domain Account To View Reports Acs 5.2

Oct 5, 2012

We have a Cisco ACS 5.2 deployment (appliance).  It has an existing integration with Active Directory.  We utilize this with RADIUS to authenticate our wireless users and TACACS for managing our network equipment.The RADIUS reports are useful for other teams (outside my own) to be able to troubleshoot password and account lockouts (everyone forgets to change the password on their phone).I would like to allow this team and other access to view the RADIUS authentications report.

View 2 Replies View Related

Cisco AAA/Identity/Nac :: ACS 5.2 - No Start Records In Radius Accounting Reports

May 26, 2011

I do not see any start records in Radius Accounting reports but do see only Stop records ?
 
btw I am running ACS 5.2

View 2 Replies View Related

Cisco AAA/Identity/Nac :: ACS 5.2 - Delete Accounting / Authorization Reports Or Logs?

Oct 5, 2011

How to delete the accounting/authorization Reports or logs ?

View 2 Replies View Related

Cisco AAA/Identity/Nac :: ACS 5.3 Showing Clear Text Password In Authorization Reports

Aug 8, 2012

When a tacacs user is changing the local password on the router (for local user), the acs 5.3 is showing the new password in clear text in authorization reports/logs.
 
This behaviour is seen on acs 5.x, whereas acs 4.2 is showing encrypted password in the reports.
 
I have checked debugs on Router and it is sending password in clear text in Tacacs Authorization packet but encrypted password in Tacacs Accounting logs.
  
Debug tacacs accounting
debug aaa accounting
4w3d: TPLUS: Received accounting response with status PASS

[Code]....

View 8 Replies View Related

AAA/Identity/Nac :: ACS5.1 Shows No Logged Events In Monitoring And Reports

Jul 17, 2012

I have a Cisco ACS 5.1 virtual appliance which has been working fine, I have however just discovered that it is now unable to provide me with any logs. TACACS authentication is still working without any issues, the only problem I have is viewing the logs.

View 6 Replies View Related

Cisco AAA/Identity/Nac :: ACS 5.2 User Roles And Restricting User Access To Add Items?

Sep 22, 2011

We are running ACS 5.2 patch 6 and want to restrict access for users to be able to add devices to the system.For example, admin person in site A can only add devices into the site A group and cannot see/access other sites groups.

View 1 Replies View Related

ICS Dependency Service Does Not Exist Or Has Been Marked For Deletion

Jan 16, 2012

Let me try to give as much info as I can to start. Running Windows 7 64bit Ultimate have all updates as of 01-16-2012. Recently had some malware that I removed not sure if there is a correlation. I am trying to connect my wireless connection on my pc to a router to run xbox and BD player. So I connect to my wireless network have my network card plugged into my router, connected to both networks. I go to properties on wireless connection click sharing tab check allow other network users to connect to the internet through this computer connection, also checked allow other network users to control or disable the shared internet connection. I click ok and get a error window that says in the title bar Network Connections the body of the window says, "An error occurred while Internet Connection Sharing was being enabled. The dependency service does not exist or has been marked for deletion. I looked through services and device manager in non pnp drivers everything looks right to me... I am not super familiar with networking issues so I may have missed or overlooked something easily.

View 12 Replies View Related

Cisco :: FWSM-6-106028 - Deny TCP (Connection Marked For Deletion)

Sep 30, 2011

we use FWSM , users getting connection refused while they try to connect to destination server. User subnet allowed in firewall to access the server with no port restrictions. when i see in firewall logs, i see belwo error message for source usersubnet and destination server %FWSM-6-106028: Deny TCP (Connection marked for Deletion)

View 1 Replies View Related

Cisco Switching/Routing :: Static Route Deletion Impossible On Nexus 7010

Jan 3, 2012

I am working on Nexus 7010 with NX-OS 5.1.5. I have to delete the static route 10.10.0.0/16 via 10.16.0.21. [code] I try to remove the route with the command "no ip route 10.10.0.0/16 10.16.0.21" and I have the message below % Route not deleted, it does not exist..I don't understand why I have this message because the static route exist.

View 9 Replies View Related

Cisco AAA/Identity/Nac :: ACS 5.2 Add A User Into Several Groups?

Apr 5, 2011

We are running two ACS appliances but we cannot figure out how we can add a user into 2 differents groups.Here's the context :We have a company A which is having devices, this company uses Group A.then we have a company B which is having devices, this company uses Group B.But the admin has to manage the devices for both companies A & B.We don't want to mix devices from company A with company B.Is there a way to add the user into both groups A & B.

View 5 Replies View Related

Cisco AAA/Identity/Nac :: ACS 5.2 Maximum User ID

Jan 5, 2013

what is the maximum user IDs that I can create to the ACS server? The client have an ACS appliance with version 5.2.

View 2 Replies View Related

Cisco AAA/Identity/Nac :: Restricting User Sessions In ACS 5.1?

Jul 26, 2011

We are using ACS 5.1 in our network. We have created users and grouped them as per the requirements. We want to restrict the user sessions in the network. A user should authenticate and able to access a network resource. But when he is active with that session, we need to block him from another successful authentication. We want to avoid multiple users using same user credentials for logging into the devices. whether this can be achieved by making configuration changes in ACS.

View 2 Replies View Related

Cisco AAA/Identity/Nac :: ACS 5.1 How To Deny Access To User

Jun 12, 2011

I have ACS 5.1.I have created the Identity Group 'Admin' and added 2 users in that, say User1 and User2.How do I permit only User1 to get authenticated when he logins in to the device?There is option to select 'UserName' while creating Service Access Policy , but I have observed that though I have mentioned only User1 in the rule, User2 is also getting permitted

View 1 Replies View Related

Cisco AAA/Identity/Nac :: ACS 5.2 Limited User Account?

Mar 29, 2013

i have cisco ACS 5.2 and want to create user account for technician, with only certain commands.

View 3 Replies View Related

Cisco AAA/Identity/Nac :: User Change Password On ACS 5.3

Mar 7, 2012

On the ACS ver5, there is a "User Change Password" feature. When i click the UCP WSDL, it gives me a page with WSDL language. how is it supposed to be installed? does it copy or install to any web server

View 1 Replies View Related

Cisco AAA/Identity/Nac :: Can Add / Modify ACS 5.2 CLI User Roles

Apr 28, 2011

My company's security group uses Tripwire to monitor for changes in start-config and running-config on network devices in PCI scope.  We are migrating from ACS v4.2 to v5.2.  I need to create the account for Tripwire on the ACS Appliance but did not want to assign the admin role which would give access to configure terminal.  The user role does not have privileges for show start-config or show running-config.  Am I missing something or are these the only 2 roles available at the CLI?  Can another rolle be added?

View 1 Replies View Related

Cisco AAA/Identity/Nac :: ACS 5.3 Local User Authentication

Nov 12, 2012

I want to have a local user in ACS that is permitted to login to routers. I have TACACS with AD already working but cannot get a local user to work. I used to do this in ACS 4.x.I created a user in the internal identity store.I tried configuring a policy to allow this users TACACS authentication multiple ways to no avail. I cannot find a config example doc and cannot figure it out from the user guide as the documention is sorely lacking.

View 5 Replies View Related

Cisco AAA/Identity/Nac :: ACS 5.2 - Delete Specific Log For User X

Jun 25, 2012

on the acs 5.2 , how to delete specific log for user X, ?

View 3 Replies View Related

Cisco AAA/Identity/Nac :: ACS 5.3 Connected To AD Locking Out User?

Feb 18, 2013

  So we have this problem that just started, I can replicate the issue as well, if a user makes a mistake on typing there password after 1 attempt ACS sends 3 to AD locking out the user.
 
  In a putty or secureCRT session after 1 password failed attempt, I am unable to retry with that same session.

  The issue seems to be that after 1 bad password attempt, from the client side I am unable to get another try.

View 1 Replies View Related

Cisco AAA/Identity/Nac :: ACS 4.2 User Group Mapping?

Sep 12, 2012

We are using ACS 4.2.1.15 with patch 8 on ACS 1113 SE box.
 
Our requirement is to assign ACS loal group to user on basis of windows Nt group. Which means I dont wants to create individual users in ACS rather when user will login, the auth request will be forwarded to AD(remote database). Depeneding on the remote database group the user should be mapped to local database.
 
For this I have configured "database group mapping" according to following cisco guide. [URL] 
 
However when ever my AD users are authenticating they are getting the membership of default group as configured in "Default" profile. I am using TACACS+ protocol in my routers and switches for authentication.
 
whether "Group mapping by External user database"  works with TACACS+ or only with RADIUS protocol. If it works with TACACS+ what else configuration need to be done so that my ACS can map users to proper groups instead of default group.

View 4 Replies View Related

AAA/Identity/Nac :: ACS 5.2 Machine Authentication And AD User?

Sep 1, 2011

I am trying to setup up a rule to allow wireless access only to users in my AD when they use computers from my AD.I have Machine authentication working on it's own (computer boots up and connects to wireless - confrimed by ACS logs) I have User authentication working But when I try to creat the floowing rule:it does not work.
 
Access Policy
Access Service:
Default Network Access Identity Store:
AD1
Authorization Profiles:
DenyAccess
Exception Authorization Profiles:
Active Directory Domain:

[code]....
 
Everything seem to fine until it gets to the last rule.

View 1 Replies View Related

AAA/Identity/Nac :: AD User Password Changing With ACS 5.0?

Oct 11, 2011

I use ACS appliance 1120 for cisco devices administration. The identity store is  external. I use Active directory. Actually, Authentication, authorization and accounting work well but users can not change theirs Active directory password when they have expired. Do you now how to configure ACS to permit password changing?

View 5 Replies View Related

AAA/Identity/Nac :: ACS 5.4 And User Admin Roles

May 8, 2012

we have created some administration accounts which should only have the possibility to work on the user database.  the useradmin role is to limited to create a user and set a fixed password only, but not able to enable the users authentication against a predefined external identity store. Other roles which makes this possible are far  to powerful for a second level adminstrator.The adminstrator should have the possibility the create an user and set the password check against an external database. This is not possible with the predefine role "UserAdmin". Other roles do have to many rights for these users.

View 4 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved