ACS User database Backup
Is it possible to have the ACS user database in an excel sheet
Hi,
You can open .dmp file in notepad but that will not provide any info as its not user readable.
You need to export the lsit of users in .txt extension
here is the command that you need to run from the command prompt where ACS is installed
start > run> cmd > go to this dir
C:\Program Files\CiscoSecure ACS v4.2\bin>net stop csauth
CSUtil.exe -u user.txt
C:\Program Files\CiscoSecure ACS v4.2\bin>net start csauth
Then you can easily access user.txt file in notepad.
HTH
JK
Similar Messages
-
Is it possible to export the user database stored in the Cisco Secure ACS Database to some file. I need to see all the user accounts and their group assignments etc to be able to do reporting on this.
Any ideas?yes... csutil -d will dump the db.
look at aaa-reports (www.extraxi.com) they can import the dump file and run reports off it. -
I have installed an ACS 3.3 on win 2003 server and I've encountered this problem:
Durin a mudification of some user (group belongings)some of this users, have been duplicated and une of this assigned to default group.
At this time these users (default group)is not possible to delete it.
Can anyone help me?
Tranks and RegardsThis appendix contains details on the Cisco Secure ACS command-line utility, CSUtil.exe. You can use CSUtil to import username, password, and group information all at once from a standard text file to back up and maintain your database.
http://www.cisco.com/univercd/cc/td/doc/product/access/acs_soft/csacs4nt/csnt26/usergd26/apimport.htm -
Can I limit the number that can use a specific user entry to 1 at a time in acs
I wouldnt say it cant be done... but you have to look and make sure the NAS-Port attribute looked sensible. Going back a few years I know Aironet, for example, was quite tricky to make work with max sessions.
The other thing is that because wifi comes and goes its hard for the AP to know when the session has finished. Max sessions was implemented with Dial in mind (yes thats how old it is!!!) ie real physical ports.
With wifi you could look at the number of mac ids in user by a user at any one time as a way to control concurrent sessions.
No not impossible, but probably unlikely to work reliably. -
How to manipulate the large Cisco ACS user database?
e.g. I have to change the settings of "disable the account if failed attempts exceed times" one by one. Is there a batch method of operation?
Use the JDBC-ODBC driver which is already installed with the JDK.
The best place to look is the Java Tutorial on JDBC which will gve you the basics, check out
http://java.sun.com/docs/books/tutorial/jdbc/basics/index.html
This will show you how to get a connection and from there it should be a matter of using standard SQL calls -
ACS 4.2.1.15 External User Database 'Authen DLL '
Having CSACSE-1113-K9 with ACS 4.2.15.
I want to confiure windows user database under extrenal user database but i get an error (attached) 'An error has occured while processing the Authen DLL Configure pagebecasue an error occured....'
External User Database----->database configuration --->Windows Database------>Configure.
I tried to stop the services and start agian but the same issue.
Th eappliance is secondary (backup) ACS. On the primary it is working fine.
Any help would be appreciated.
Regards,
BJHi Abdul,
Can you check if the remote agent on the windows server box is running the same 4.2.1.15 version as well.
Like if ACS -4.2.1.15 then make sure that remote agent is also 4.2.1.15
or
if ACS is running 4.2.1.15 patch 2 then remote agent should also be 4.2.1.15 patch 2
Let me know if the version is same and if not then install the remote agent correctly and try again. -
ACS and Windows 2000 user database communication port
Could my Windows 2000 SP4 + ACS v3.23 can install any new Windows 2000 service pack ?
I'm affraid to infect ACS Service.
So, I want to install firewall on this server to block malicious traffic.
However, my ACS used external user database Windows 2000 for authentication.
Who can tell me What protocols or port list they are communication?
I have to avoid these traffic on my firewall.Hi cheng
I think you can install any servie pack without problem and the SP4 is the latest one for WIN2000 and you server already has this SP
For your second question you need to specify many protocols according to your active directory config in this link you can find a list of this protocols and the best way is to make debug or logging or use a siniffer to know the exactly protocols flow between your ACS and AD server
http://www.microsoft.com/technet/prodtechnol/windows2000serv/technologies/activedirectory/deploy/confeat/adrepfir.mspx
Best Regards -
ACS support Kerberos User Database?
Hi,
I've a customer currently having kerberos user database. I proposed to him to implement ACS to enable 802.1x on wireless client. Can ACS support or integrate with Kerberos User Database? If yes, any user guide which list out the steps on doing so?
I searched through Cisco website but failed to find any info related to the integration of ACS with Kerberos User Database.
Thank.
DelonFor network users who are authenticated by a Windows user database, Cisco Secure ACS supports user-changeable passwords upon password expiration. You can enable this feature in the MS-CHAP Settings and Windows EAP Settings tables on the Windows User Database Configuration page in the External User Databases section.
-
Export User-Database between ACS-Server
Hi everyone ,
an ACS 2.3 is running under Unix with 3000 based user. The job is, to migrate the user-database to a new ACS-Server under Windows.
On the unix-version 2.3 there is no way to export the database to external.
The only way, i hope, is to mirror the old and the new server as redundant server and if the database is mirrored on both server, than the database is ready for export.
Is this correct?
Is there an other way?
Thanks for your input.
RalfThe migration should go to version 3.1 or 3.2 .
Ralf -
Intergrating ACS with user database in windows DC
Please,
I just installed and configured ACS on window 2003 server on my network. The next task is to integrate the user database in my DC with the ACS. I need you to tell me in steps what else that need to be done.The documentaion is not specific.
(I heard about 'remote agent' please what is this,and is it required?)I think you can map your DC groups to ACS group
http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.0/user/guide/qg.html#wp940538
M. -
Restoring a User Database from External Backup
It has been a good 8 years since I have had to recover a user database from backup and I just really wanted a verification of what needs to be recovered.
Just recently had a user get a C00E error and the analyzer suggested restoring from backups. No problem, we run backups daily on the mail server (yes ... we use windows *sigh*) and we use Veritas Backup Exec. to run full/incremental backups.
In order to recover the user, do I just need to restore the userXXX.db located in the ofuser folder? Since it will be a couple days older, will I need to restore anything else or should that folder alone be fine?
Thanks in advance for any input.On 11/13/2012 1:26 PM, dpenney wrote:
>
> It has been a good 8 years since I have had to recover a user database
> from backup and I just really wanted a verification of what needs to be
> recovered.
>
> Just recently had a user get a C00E error and the analyzer suggested
> restoring from backups. No problem, we run backups daily on the mail
> server (yes ... we use windows *sigh*) and we use Veritas Backup Exec.
> to run full/incremental backups.
>
> In order to recover the user, do I just need to restore the userXXX.db
> located in the ofuser folder? Since it will be a couple days older,
> will I need to restore anything else or should that folder alone be
> fine?
>
> Thanks in advance for any input.
>
>
try that first
other things like MSGxxx and OFFILES are shared... -
Open database user managed backup
Hi
during open database user managed backup does data is written in the datafile which is put in backup mode ?
Please suggest
Thanks
Huzaifahuzaifa wrote:
Hi
during open database user managed backup does data is written in the datafile which is put in backup mode ?
Please suggest
Thanks
HuzaifaWhen an 'alter tablespace begin backup' command is issued the datafiles that belong to the tablespace are marked as hot-backup-in-progress. The dirty databuffers in the database buffer cache that belong to the database files are written out to the files and the datafiles are checkpointed. The datafile headers are updated to the SCN captured when the begin backup is issued. The datafile headers are not updated until the 'alter tablespace end backup' command is issued; however, the datablock within the database files can continue to be read and updated. When the datafile is restored from a hot backup, the recovery will begin from the SCN captured during the begin backup is issued. All changes applied during the hot backup time period will be
rolled forward from the redo logs.
Regards,
Teymur Hajiyev
Oracle 10g Certified Master
http://teymur-hajiyev.blogspot.com
http://dba.az -
ACS internal database replication
I have setup ACS internal database replication and it works once then the secondary config is overwritten and doesn't contain the AAA server of the primary.
primary - 10.100.253.25
ACS 1113 running 4.2
secondary - 10.100.253.26
ACS 1113 running 4.2
Example of before and after
Before replication
The primary has these AAA servers listed under network components.
self - 127.0.0.1
acs2 - 10.100.253.26
The secondary has these AAA servers listed under network components.
self - 127.0.0.1
acs1 - 10.100.253.25
After replication
The primary has these AAA servers listed under network components.
self - 127.0.0.1
acs2 - 10.100.253.26
The secondary has these AAA servers listed under network components.
self - 127.0.0.1
acs2 - 10.100.253.26
therefore after the first replication subsequent attempts will fail because the secondary won't accept attempts from unknown AAA servers. Is this to be expected or can I mitigate it in someway?Please try setting the original ip address by using "Set ip" Command from the console connection of the ACS Solution engine. Once you successfully changed the ip address, you can apply the patch 11 or above (latest is patch 16) on the ACS SE (This will fix the problem).
In majority of cases set ip command fails but sometime works too.
In case it doesn't help then we have 2 options:
1.] Open a TAC case, send the database file to delete the entry.
2.] If you are not intrested sending your database then try the below listed steps:
In order to remove the loopback entry from the Database, we need to follow following steps,
Please download ACS 4.2 trial from following link, if you do not have ACS Full version for Windows purchased.
http://www.cisco.com/cgi-bin/tablebuild.pl/acs-win-eval- eval-ACS-4.2.0.124-SW.zip
[1] Install eval version on Windows 2000/2003 server. Please also ensure that JAVA is installed on that server.
[2] Take a backup from ACS SE from, System Configuration > ACS Backup >Backup Now.
[3] Restore the database backup on ACS eval.
[4] On eval ACS , go to Network Configuration > find the AAA Server entry with 127.0.0.1 entry. Edit it and give it some other IP for
example, 1.1.1.1. Submit + Apply.
[5] On eval, Restart CSAdmin service.
[6] On eval, go back to Network Configuration and search for the changed IP address and delete that entry, Delete + Apply.
[7] Take a backup from eval ACS, System Configuration > ACS Backup > Backup Now.
[8] Restore the database backup from eval ACS into ACS SE from option, System Configuration > ACS Restore, choose the database backup. Check Check option "User and Group Database" and "CiscoSecure ACS System Configuration", then press Restore Now.
[9] On ACS SE, go to Network Configuration, make sure that 127.0.0.1 entry is not there and for ACS SE's hostname we have the correct IP address. Go to Proxy Distribution Table > (Default). Move the server’s hostname entry that has correct IP for this ACS SE into "Forward To" column, if not already. Then press "Submit + Restart".
Reference defect, CSCso36620 - Toggle nic command changes AAA server ip address to "127.0.0.1" in GUI.
Regards,
Jatin
Do rate helpful posts- -
DBACockpit Configuration - Remote Database backup of Java Stack.
Hi All,
I am configuring remote database backup of my SAP Java stack system.
I have successfully connected the system in dbacockpit. I have gateway installed also on the remote host system. but Database scheduling on DB13 failed.
On the OS of CEN system, I can connect to the host system of the remote using the OPS$ logon and i.e
sqlplus /@SID as sysdba - (It connected, to confirm i querried the v$instance I was also able to shutdown the remote system)
E:\>sqlplus /@SID as sysdba
SQL*Plus: Release 10.2.0.4.0 - Production on Wed May 18 15:37:46 2011
Copyright (c) 1982, 2007, Oracle. All Rights Reserved.
Connected to:
Oracle Database 10g Enterprise Edition Release 10.2.0.2.0 - 64bit Production
With the Partitioning, OLAP and Data Mining options
But when I ran the brtools to perform the backup I got this error.
"BR0301W SQL error -12560 at location BrDbConnect-2, SQL statement:Hi Niyi,
This is a TNS error. The system is not able to connect TNS by using br*tools.
Firstly, check your environment variables. They should be as same as java system environmnt variables.
Secondly, check the link below;
[BR0301W SQL error -1017;
You need to create a synonym and SAPUSER table for the gateway installation <sid>adm user on Java database. By doing so, br*tools will be able to connect to the java database.
Best regards,
Orkun Gedik -
Memory error after C042 errors on users database
Hi,
We recently have memory error messages on the POA and on the Client.
The error seemed to follow several C042 errors:
The database function 53 reported error [C042] on user4mn.db
Error: Memory error. Memory function failure [8101] User:
I cannot find any process that is accessing the user database at that time (GWcheck, Backup)
The user also gets a memory error and has to restart the client.
any ideas?On 9/7/2011 2:16 AM, pdjongh wrote:
>
> Hi,
>
> We recently have memory error messages on the POA and on the Client.
> The error seemed to follow several C042 errors:
> -The database function 53 reported error [C042] on user4mn.db
> Error: Memory error. Memory function failure [8101] User:-
>
> I cannot find any process that is accessing the user database at that
> time (GWcheck, Backup)
> The user also gets a memory error and has to restart the client.
>
> any ideas?
>
>
Have you run a full contents and structure check on the user?
Maybe you are looking for
-
Please help- Audio Cd won't mount after Update to 10.3.9
My CD/DVD drive is MATSHITA CD-RW CW-8122. Data CDs and DVDs are mounting fine. However when I put in an audio cd it clicks a few times and soonafter ejects. Everything was fine as far as I can remember before my update to 10.3.9 (from 10.3.5, I thin
-
My old ipod using 2.2.1 stuck in iTunes restore
Hi, Any help appreciated. Whilst trying to Sync my small iTunes library of music to my iPod, the following error messages have me locked in a futile loop. 1) iTunes has detected an iPod in recovery mode. You must restore this iPod before it can be us
-
Error in visual administrator while implementing Spnego authentication sche
hi, i have under gone all thease steps. for implementation of SPnego sceme on my portal. >downloaded SPnego wizad file from note specified. >unziped it and got .ear files >deployed those .ear files on my server. >now went for service user J2ee config
-
Hi For Reporting purpose we want to create a new document type in FI AR. what are stpes to do. like if we want to copy doc type "DG" to ZG. plz mention congiuration steps. ( with T-c0des ). Thanks. Thomas Moderator: Please, respect the rules of
-
Our Studio is holding onto a full rack cabinet, 2 XSERVE Raid 14x750GB Ultra ATA units, Exabyte Tape Back up system (with 750GB tapes) and Xserve all purchased directly from Apple and only used as our video backup system. It's a bit dusty from being