Cisco AAA/Identity/Nac :: Rename Existing Username On ACS 4.2 Application
Mar 22, 2011how can we rename an existing username on ACS 4.2 Application.I don't want to rename the group just the username.
View 3 Replieshow can we rename an existing username on ACS 4.2 Application.I don't want to rename the group just the username.
View 3 RepliesI wonder if there is a way to rename an existing SSID on aironet 1142 without destroying/recreating. I tried downloading configuration/ changing name/ re-uploading however that didn't have desired effect. There doesn't seem to be a way via web-GUI.
View 3 Replies View RelatedIs it possible to rename an existing VDC on Nexus7000 without deleting it and creating it again with the new name ?
View 2 Replies View RelatedI am runing ACS 4.2 on Windows 2003 and for some reasons I need to rename the server name?
View 1 Replies View RelatedWe now have a new requirement . We are replacing existing pair of CSS with ACE 4710 appliances. The problem here is that I can see from the configuration that some SSL certificate installed in CSS .Is it possible to transfer the existing SSL certificate from the 11503 to the ACE? Or, do we need to generate a new key pair and CSR on the ACE? Is there any document available to know the steps for the same.
View 2 Replies View RelatedDoes ACS 5.3 has a feature to allow you to change or otherwise manipulate a user-name value within ACS as an authentication request comes into the system.
We want to use ACS to authenticate users to a particular device, but the device does not allow us to have username's in the format that we require, and the rest of our systems allow and require.
We want a way of manipulating the user ID of someone logging into the system, so that when the authentication request hits the ACS their username is massaged into the format we require, before being further processed against identity policies etc.
Question on this, is 5.2 backwards compatible with 4.2 appliance? If not, what is needed to bring the 4.2 appliance up to 5.2 and will the VMWare version work for the second system with the appliance as primary? Years ago I had 2 of them and replication worked flawlessly, but we had to take the one unit offline for another project and have never replaced it.
View 3 Replies View RelatedWe're using AAA Sec4.1 and we need to bind the username with IP address for remote VPNs configured on Netscreen ISG2000 firewall. We want AAA should check two things against any user first IP address and second Username in order to authenticate the users.
View 1 Replies View Relatedwe have a new ACS 5.2 server, and are having a problem with the case sensitivity of ACS. Basically, what is happening is that some users are capitalizing the first letter of their AD username, and it's causing ACS to deny their access due to the case of their username. For example:
Username yyy0h22 grants admin access to a device. However, Username Yyy0h22 denies access to a device.
Is there a way to make it so that no matter uppercase or lowercase, we are giving this person access? Without having to make a different rule for each permutation?
I'd like to know if there is a way to exclude passed authentications for a specific username from reporting in the Authentications-TACACS and Authentications-RADIUS reports?
We have a few usernames that are used in scheduled jobs. We only need to know when they fail authentication, so we don't need to fill up the reports with every passed authentication from these accounts. Can this be done?
Why my asa5520 brings out:
sh curpriv
Username : enable_15
Current privilege level : 15
Current Mode/s : P_PRIV
while i am logging in with my username which is XXXX. And in my ACS accounting logs I cannot see which user did what.
In my ACS 5.4 I want to have same useranme to use two shell profiles. Here is the requirement.One shell profile with privelege 15 for IOS device admin and other one with different privelege for WCS admin.As there can't have two shell profiles on the same authroization profile, I created two different profiles, and match with the ACS local group name. However whenever user tries to access it always hits the 1st profiles.
View 3 Replies View RelatedI need to change the username and password ACS uses to connect to AD. I do a "clear configuration" and reboot and am unable to join the ACS appliance back into my AD with a different username and password. I am able to rejoin the ACS machine to the domain using the original username and pass. how to clear all of the AD config off of the appliance and start fresh and use a new account to join AD?
View 3 Replies View RelatedI have a weird issue. I recently setup an ASA 5510 and had SSH working. To make it easier on my VPN users I then decided I wanted to setup a Windows 2008 Network Policy Server for RADIUS authentication. Ever since I added the RADIUS part to aaa authentication, when I use SSH to connect to the ASA it will not take the local user name and password I have setup. I can however get in using a Domain user name and password. Below is the SSH and AAA configuration. Am I missing something here? The username and password in the ASA is not on the domain and it's like the ASA is not even trying LOCAL when it tries to authenticate. I want it to use the local username and password if possible. I'm kind of new to ASA's..
On another note, I have never been able to SSH in on the internal interface. I always get a "The remote system refused the connection" error message. I can only use the outside interface.
Site-ASA# sh run | in ssh
aaa authentication ssh console SERVER_RADIUS LOCAL
ssh 0.0.0.0 0.0.0.0 outside
ssh 0.0.0.0 0.0.0.0 inside
ssh timeout 60
[code]....
My question is on ASA and ACS5.2 users.Have my ASA SSL VPN and IPSEC VPN, the my ACS5.2 many users, for example, wireless user.I would now like to establish an independent user group, only the VPN user name and password, while both the ASA VPN can only allow users in this independent group of ACS5.2 VPN login, how to configure?
View 1 Replies View RelatedCan I use AAA Radius on a ASA 5505 to block outgoing user access by user name in a group?
View 2 Replies View RelatedThe animation school I work for is going to change names soon. The website already reflects the name change. The CEO wants all current emails changed to fall in with the proposed change as well as changing the school domain. Currently the system works fine as it is and I am of the opinion that changing the internal domain name space will have no effect whatsoever on people outside of the organisation. If there is no need to change things, then possibly re-directing emails internally would mean minimum fuss to daily operations within the school. Has anybody found themselves in a similar position and what was the outcome?
View 7 Replies View RelatedI have Cisco ACS 4.2 since few days users can not change their password, what could be the issue? Even after resetting the password I got error.
View 3 Replies View RelatedI've got a Cisco 2504 wireless controller, and I'd like to rename the AP name in the overview (at Monitor > AP's > Radios) so that I know which unit is placed where and hence be able to troubleshoot more easily.I haven't found any info about this, and usually that means it's not an option, right? I realise the AP name field comes from the device itself, but it seems impossible to rename the device too since I'm running on lightweight, correct?
View 9 Replies View RelatedMy Sony internet TV is connected to my (DIR-655) wireless LAN. It is listed on the Status Page and I can identify it by IP address and/or MAC address. The Name field, however is blank. How can I change it so that it is more clearly indicated as my TV connection?
View 4 Replies View Relatedhow do I rename my ssid on belkin n600 db. it did not come with a cd rom and all the online manuals do not discuss it.
View 1 Replies View RelatedAlthough, ACS states its installed, after going through the startup. However when I do show application nothing comes up. When I do a application start acs, %Application failed to start.
View 7 Replies View RelatedI have an ACS 5.4 which is integrated with AD and a RSA. Is there any possibility to Stop the ACS Application automatically if either of these devices are down.
View 2 Replies View Relatedprocedure to apply the 5-2-0-26-4.tar.gpg patch. I don't know how to get the patch file into the ACS server.The procedure in the "Read me" for the patch does not indicate anything about how to this:
1. open CLI console2. define new repository in which the 5-2-0-26-4.tar.gpg resides3. issue: 'acs patch install 5-2-0-26-4.tar.gpg repository YOUR_REPOSITORY'4. verify installation by getting the following version information via CLI by issuing:#show application version acs I don't know how to put the patch file from my local machine to the repository created in the GUI (if there is where the actual place to creat the repository).
I had a working server running ISE version 1.1.0.665 but someone in the build room decided to pull the power out of the server rather than shutting it down correctly. I have booted the server back up however the web management page was not accessable. I have checked the server status and the end result is the Application Server in the "still initializing" stage. I have left the server for several hours and the status has not changed.
I know people have previously run into this issue but no one has posted any resolution or confirmed that a rebuild is the only solution. I have tried to create an on-demand backup but it seems to fail when attempting to provide the credentials (which are correct) for the FTP server.
I'm trying to upgrade my ACS 5.3 (patch 7) to ACS 5.4 and I've downloaded the application bundle from Cisco. I'm transferring the app bundle via FTP towards the VM containing ACS, yet I ALWAYS get %Manifest File not found in bundle. I've opened the bundle and found the manifest .xml inside.
I've double verified MD5 checks, size files, re-downloaded everything, even copied it to the local disk of the appliance. Also browsed through this forum to see that there are people having the same problem with other ACS version upgrades and besides re-downloading and using FTP there isn't a specific solution. I'm always getting this error. I know that it must be possible to do upgrade, but I'm stuck. I do see on the FTP server logs that the file gets transferred, but as pretty much as soon as it finishes transferring (not enough time in my view to extract a 1.2 GB file) I get an error
I'm doing the:
application upgrade ACS_5.4.0.46.tar.gz FTP
(...)
%Manifest file not found in the bundle
what the "ACS 5.2 application upgrade package" is? I've seen this package on the download software area but couldn't find any document on this.
View 2 Replies View RelatedWe have lots of new lap1041 need be set static IP Adress, hostname, Controller Adress via command line, but when use command (capwap ap hostname) to set hostname , always give us command disabled, we used command:clear capwap private-config, but it does not work, why?
View 4 Replies View RelatedI have a very unusual issue with my installation of ISE on my VMWare ESXi 5.0 environment. but whenever I issue the command "show application statuse ise" I get the following output:
ISE Database listener is running, PID: 13675
ISE Database is running, number of processes: 27
ISE Application Server is running, PID: 15163
ls: /opt/TimesTen/tt1121/lib/*.jar: No such file or directory
ISE M&T Session Database is not running.
ls: /opt/TimesTen/tt1121/lib/*.jar: No such file or directory
ISE M&T Log Collector is running, PID: 15379
ls: /opt/TimesTen/tt1121/lib/*.jar: No such file or directory
ISE M&T Log Processor is running, PID: 15457
ls: /opt/TimesTen/tt1121/lib/*.jar: No such file or directory
ISE M&T Alert Process is running, PID: 15296
We upgraded a CSACS-1121 from ACS 5.2 to ACS 5.4 with CLI Application upgrade ACS_5.4.0.46.0a.tar.gz FTP After ACS reboot, services never start... After 15 hours, we always get same message:
ACS/admin# show application status acs
Application initializing...
Status is not yet available.
Please check again in a minute.
We installed patch 5-4-0-46-2.tar.gpg but we got same issue for 2 hours ...What could I do?
I haven't found a way to rename the Guest account on my E3000 router. If my router is named HomeRouter the Guest account automatically gets the name HomeRouter-guest. I have disabled the router's SSID broadcast, but it still broadcasts the almost identical Guest account.
View 4 Replies View RelatedThis is the error message I am getting on our ACS 5.1 appliance - is there anyway to purge the database or compact the file?
View 1 Replies View RelatedEverytime I make a config change to one of the contexts on our ACE20, I get this message: Config Application in Progress. This command is queued to the system
If I run show download info, I get:
context : context1
Interface Download-status
--------------------------------------------------------------
187 In Progress
199 Pending
Regex download optimization status : Couldn't get status[TNRPC Timed out]
It eventually seems to complete, but it takes a very, very long time. We are running Version A2(3.5) [build 3.0(0)A2(3.5)].