Credentials in LMS 3.2

Similar Messages

• Invalid credentials report LMS

  Hi there,
  I want to know if there is a way to show invalid attempts to access to my different equipements on LMS.
  For example, Show an alarm each time someone tries to access to a switch with an invalid credentials.
  Thank you in advance

  for failed login attempts to the switches, configure the following in global config mode: 
      login on-sucess log
      login on-failure log
  and you should get syslog messages on succesfull and failed login attempts.
  Additionaly, you can define an automatic action on this specific syslog message to send you and e-mail based on this message 

• WCS and LMS to Cisco Prime Infrastructure 1.3 Upgrade

  Hello,
  Our customer is currently having WCS for 500 devices and LMS 3.2 for 1500 devices. We are planning to upgrade to Cisco Prime Infrastructure 1.3.
  I want to check is the upgrade procedure that we have planned is ok or we have missed something.
  Phase 1: WCS to CPI 1.3 upgrade
  1. Check that WCS is at 7.0.230.0  version
  2. Export WCS database
  3. Install NCS 1.1.1.24 software
  4. Contact cisco to obtain trial license for NCS software (L-WCS-NCS1-M-K9 license).
  5. Migrate WCS license and import it in NCS software
  6. Migrate WCS data to NCS software using ncs migrate command
  7. Patch NCS software
  8. Inline upgrade to CPI 1.3 software
  9. Install proper licenses on CPI 1.3 (WCS and LMS device count)
  My concern in this first phase is should I use NCS large image since our Cisco Prime Infrastructure 1.3 software should manage 2000 devices at the end.
  Or is it better not to perform inline upgrade and insted go with exporting data from NCS and then importing them to CPI 1.3 that is going to be installed separately?
  Phase 2: LMS 3.2 to CPI upgrade
  1. Export LMS 3.2 database
  2. Install LMS 4.2 software
  3. Install license to LMS 4.2
  4. Restore data from LMS 3.2 to LMS 4.2
  5. Direct upgrade from LMS 4.2 to 4.2.2
  6. Export the device list with credentials from LMS 4.2.2  and import it as a Bulk Import in CPI 1.3
  At the end we will have CPI 1.3 and LMS 4.2.2 software running.
  Is it possible to directly upgrade from LMS 4.2 to LMS 4.2.4 and then import data to CPI 1.3 or we need to go with 4.2.2 version?
  Regards,
  Jelena

  Hello Marvin,
  We have restored LMS 3.2 SP 1 database on LMs 4.2 and we have got some error messages during restore. Please see our restore output:
  [kalms4/root-ade ~]# /opt/CSCOpx/bin/perl /opt/CSCOpx/bin/res
  resolver.pl           restoreDBTableMig.pl  restoreJRMMig.pl      restorebackup.pl     
  [kalms4/root-ade ~]# /opt/CSCOpx/bin/perl /opt/CSCOpx/bin/restorebackup.pl -d /opt/BKP/
  Restore started at : 2013/12/05 14:11:58
  Please see '/var/adm/CSCOpx/log/restorebackup.log' for status.
       USER ID is ..................................... : sysadmin
       OS of the backup archive is..................... : Windows
  INFO:The backup archive is from a different OS. Your current Platform is: Soft Appliance .
  You are attempting to perform a Cross Platform Restore..
  Do you wish to continue (Y/N) [Y] :Y
       Generation to be restored is ................... : 0
       Backup taken from............................... : /opt/BKP/
       Common Services version in the backup data is... : 3.3.1
       Common Services is installed in................. : /opt/CSCOpx
       The temp folder for this restore program........ : /opt/CSCOpx/tempBackupData
       Applications installed on this machine ......... : [Common Services][Campus Manager][Resource Manager Essentials][Device Fault Manager][cwportal][ipm][upm][cvw][cwlms]
       Applications in the backup archive ............. : [Common Services][Campus Manager][Resource Manager Essentials][Device Fault Manager][opsxml][cwportal][ipm][upm][cvw]
       WARNING: The list of applications installed on this CiscoWorks server does not match the list of
                applications in the backup archive. If you restore data from this backup archive,it may
                cause problems in the CiscoWorks applications.
                Do you want to continue the restore operation?  (y-continue or n-quit, y/n)?Y
       Applications to be restored are................. : [Common Services] [Campus Manager] [Resource Manager Essentials] [Device Fault Manager] [cwportal] [ipm] [upm] [cvw]
       Available disk space in NMSROOT................. : 86451488 Kb
       Required disk space in NMSROOT.................. : 35906524 Kb
       (The temp and NMSROOT are on same device, therefore this required disk space includes temp space)
    Copying the backup files to the temporary location [/opt/CSCOpx/tempBackupData]
    preRestore of [Common Services] has started.
    preRestore of [Common Services] has completed.
    preRestore of [Campus Manager] has started.
    preRestore of [Campus Manager] has completed.
    preRestore of [Resource Manager Essentials] has started.
    preRestore of [Resource Manager Essentials] has completed.
    preRestore of [Device Fault Manager] has started.
    preRestore of [Device Fault Manager] has completed.
    preRestore of [cwportal] has started.
    preRestore of [cwportal] has completed.
    preRestore of [ipm] has started.
    preRestore of [ipm] has completed.
    preRestore of [upm] has started.
    preRestore of [upm] has completed.
    preRestore of [cvw] has started.
    preRestore of [cvw] has completed.
    doRestore of [Common Services] has started.
            Cross Platform Update started.
            Cross Platform Update completed.
            License check started.
               WARNING: The license details in the server are different from the backup data.
                        After restoring, please check the license available in the server.
               WARNING: Your current license count is lower than your earlier license count.
                        If you restore the data now, devices that exceed the current licence count
                        will be moved to Suspended state.
            License check completed.
            Restoring certificate.
               WARNING: Cannot evaluate the hostname, hence the certificate
                        may be from this host or another host.
                        [  Certificate not overwritten  ]
            Restored Certificate.
            Restoring Common Services database.
            Restored Common Services database.
            Restoring CMIC data.
            Restored CMIC data.
            Restoring CMC data.
            Restored CMC data.
            Restoring Security Settings.
            Restored Security Settings.
            Restoring DCR data.
            Restored DCR data.
            Restoring Certificate key store.
            Restored Certificate key store.
    Restoring DCNM CrossLaunch data.
            Restored DCNM CrossLaunch function.
            Restoring JAAS configuration.
            Restored JAAS configuration.
            JRM Job Migration started.
            JRM job Migration done.
    doRestore of [Common Services] has completed.
    doRestore of [Campus Manager] has started.
            Cross Platform Migration for Campus started.
  Cross Platform update Starts for Campus
    doRestore of [Campus Manager] has completed.
    doRestore of [Resource Manager Essentials] has started.
  10% of RME  Restore completed
  30% of RME  Restore completed
  50% of RME  Restore completed
  70% of RME  Restore completed
  100% of RME  Restore completed
    doRestore of [Resource Manager Essentials] has completed.
    doRestore of [Device Fault Manager] has started.
  10% of DFM Restore completed
  30% of DFM Restore completed
  50% of DFM Restore completed
  80% of DFM Restore completed
  Going to modify Eight PM report 
  Modified Sucessfully Eight PM report 
  100% of DFM Restore completed
    doRestore of [Device Fault Manager] has completed.
    doRestore of [cwportal] has started.
  Error while coping the File: /opt/CSCOpx/tempBackupData/cwportal/CSCOpx/MDC/tomcat/webapps/cwportal/db/portal.properties
    Src file : /opt/CSCOpx/tempBackupData/cwportal/CSCOpx/MDC/tomcat/webapps/cwportal/db//portal.properties  ,,, Destination file : /opt/CSCOpx/MDC/tomcat/webapps/cwportal/db/portal.properties
  File Copied: /opt/CSCOpx/tempBackupData/cwportal/CSCOpx/MDC/tomcat/webapps/cwportal/db/portal.properties
  Error while coping the File: /opt/CSCOpx/tempBackupData/cwportal/CSCOpx/MDC/tomcat/webapps/cwportal/db/portal.properties
  Error while coping the File: /opt/CSCOpx/tempBackupData/cwportal/CSCOpx/MDC/tomcat/webapps/cwportal/db/portal.script
  Error while coping the File: /opt/CSCOpx/tempBackupData/cwportal/CSCOpx/MDC/tomcat/webapps/cwportal/db/portal.script
    Src file : /opt/CSCOpx/tempBackupData/cwportal/CSCOpx/MDC/tomcat/webapps/cwportal/db//portal.script  ,,, Destination file : /opt/CSCOpx/MDC/tomcat/webapps/cwportal/db/portal.script
  File Copied: /opt/CSCOpx/tempBackupData/cwportal/CSCOpx/MDC/tomcat/webapps/cwportal/db/portal.script
    Src file : /opt/CSCOpx/tempBackupData/cwportal/CSCOpx/MDC/tomcat/webapps/cwportal/db//portal.log  ,,, Destination file : /opt/CSCOpx/MDC/tomcat/webapps/cwportal/db/portal.log
  File Copied: /opt/CSCOpx/tempBackupData/cwportal/CSCOpx/MDC/tomcat/webapps/cwportal/db/portal.log
  Error while coping the File: /opt/CSCOpx/tempBackupData/cwportal/CSCOpx/MDC/tomcat/webapps/cwportal/db/portal.log
  Error while coping the File: /opt/CSCOpx/tempBackupData/cwportal/CSCOpx/MDC/tomcat/webapps/cwportal/db/portal.log
  Error while coping the File: /opt/CSCOpx/tempBackupData/cwportal/CSCOpx/MDC/tomcat/webapps/cwportal/WEB-INF/classes/data/ciscoWorks/properties/defaultUserCommunity.properties
    Src file : /opt/CSCOpx/tempBackupData/cwportal/CSCOpx/MDC/tomcat/webapps/cwportal/WEB-INF/classes/data/ciscoWorks/properties//defaultUserCommunity.properties  ,,, Destination file : /opt/CSCOpx/MDC/tomcat/webapps/cwportal/WEB-INF/classes/data/ciscoWorks/properties/defaultUserCommunity.properties
  File Copied: /opt/CSCOpx/tempBackupData/cwportal/CSCOpx/MDC/tomcat/webapps/cwportal/WEB-INF/classes/data/ciscoWorks/properties/defaultUserCommunity.properties
    Src file : /opt/CSCOpx/tempBackupData/cwportal/CSCOpx/MDC/tomcat/webapps/cwportal/WEB-INF/classes/data/ciscoWorks/properties//defaultCommunity.properties  ,,, Destination file : /opt/CSCOpx/MDC/tomcat/webapps/cwportal/WEB-INF/classes/data/ciscoWorks/properties/defaultCommunity.properties
  File Copied: /opt/CSCOpx/tempBackupData/cwportal/CSCOpx/MDC/tomcat/webapps/cwportal/WEB-INF/classes/data/ciscoWorks/properties/defaultCommunity.properties
  Error while coping the File: /opt/CSCOpx/tempBackupData/cwportal/CSCOpx/MDC/tomcat/webapps/cwportal/WEB-INF/classes/data/ciscoWorks/properties/defaultCommunity.properties
    doRestore of [cwportal] has completed.
    doRestore of [ipm] has started.
          10% of IPM Restore Completed
          30% of IPM Restore Completed
          50% of IPM Restore Completed
          60% of IPM Restore Completed
          70% of IPM Restore Completed
          100% of IPM Restore Completed
    doRestore of [ipm] has completed.
    doRestore of [upm] has started.
  HUM database restore starts
  INFO:STOP= /opt/CSCOpx/objects/db/bin64/dbstop -q -y -c dsn=upm
  SQL Anywhere Command File Hiding Utility Version 10.0.1.4239
  INFO: Database Shutdown is in Progress..Please wait
  INFO: Stop Engine Args= /opt/CSCOpx/objects/db/bin64/dbstop -q -y -c dsn=upm
  INFO: After Database Shutdown RC= 2304
  root=C:\PROGRA~2\CSCOpx\databases\upm\upm.db
  DBUTILS: Inside Cross Platform
  INFO: Current Database password does not match the password of Database being restored
  INFO: Using the Password of the Database being restored
  HUM database restore successfully completed.
  File :/opt/CSCOpx/MDC/tomcat/webapps/upm/reports/Poller
  File :/opt/CSCOpx/MDC/tomcat/webapps/upm/reports/Poller/README.txt
  File :/opt/CSCOpx/MDC/tomcat/webapps/upm/reports/Threshold
  File :/opt/CSCOpx/MDC/tomcat/webapps/upm/reports/Threshold/README.txt
  File :/opt/CSCOpx/MDC/tomcat/webapps/upm/reports/Custom
  File :/opt/CSCOpx/MDC/tomcat/webapps/upm/reports/Custom/README.txt
  File :/opt/CSCOpx/MDC/tomcat/webapps/upm/reports/Poller_Failure
  File :/opt/CSCOpx/MDC/tomcat/webapps/upm/reports/Poller_Failure/README.txt
  File :/opt/CSCOpx/MDC/tomcat/webapps/upm/reports/TrendWatch
  File :/opt/CSCOpx/MDC/tomcat/webapps/upm/reports/TrendWatch/README.txt
  File :/opt/CSCOpx/MDC/tomcat/webapps/upm/reports/Quick
  File :/opt/CSCOpx/MDC/tomcat/webapps/upm/reports/Quick/Availability
  File :/opt/CSCOpx/MDC/tomcat/webapps/upm/reports/Quick/Availability/README.txt
  File :/opt/CSCOpx/MDC/tomcat/webapps/upm/reports/Quick/PoEPORTUtilization
  File :/opt/CSCOpx/MDC/tomcat/webapps/upm/reports/Quick/PoEPORTUtilization/README.txt
  File :/opt/CSCOpx/MDC/tomcat/webapps/upm/reports/Quick/Interface_Utilization
  File :/opt/CSCOpx/MDC/tomcat/webapps/upm/reports/Quick/Interface_Utilization/README.txt
  File :/opt/CSCOpx/MDC/tomcat/webapps/upm/reports/Quick/Memory_Utilization
  File :/opt/CSCOpx/MDC/tomcat/webapps/upm/reports/Quick/Memory_Utilization/README.txt
  File :/opt/CSCOpx/MDC/tomcat/webapps/upm/reports/Quick/Interface_Availability
  File :/opt/CSCOpx/MDC/tomcat/webapps/upm/reports/Quick/Interface_Availability/README.txt
  File :/opt/CSCOpx/MDC/tomcat/webapps/upm/reports/Quick/Threshold_Violations
  File :/opt/CSCOpx/MDC/tomcat/webapps/upm/reports/Quick/Threshold_Violations/README.txt
  File :/opt/CSCOpx/MDC/tomcat/webapps/upm/reports/Quick/CPU_Utilization
  File :/opt/CSCOpx/MDC/tomcat/webapps/upm/reports/Quick/CPU_Utilization/README.txt
  File :/opt/CSCOpx/MDC/tomcat/webapps/upm/reports/Quick/PoEPSEConsumption
  File :/opt/CSCOpx/MDC/tomcat/webapps/upm/reports/Quick/PoEPSEConsumption/README.txt
  File :/opt/CSCOpx/MDC/tomcat/webapps/upm/reports/Quick/Interface_ErrorRate
  File :/opt/CSCOpx/MDC/tomcat/webapps/upm/reports/Quick/Interface_ErrorRate/README.txt
  Directory is reportsStarted changing property .
  linux
  Restored HUM configuration file successfully.
    doRestore of [upm] has completed.
    doRestore of [cvw] has started.
    doRestore of [cvw] has completed.
    postRestore of [Common Services] has started.
    postRestore of [Common Services] has completed.
    postRestore of [Campus Manager] has started.
    postRestore of [Campus Manager] has completed.
    postRestore of [Resource Manager Essentials] has started.
    postRestore of [Resource Manager Essentials] has completed.
    postRestore of [Device Fault Manager] has started.
    postRestore of [Device Fault Manager] has completed.
    postRestore of [cwportal] has started.
    postRestore of [cwportal] has completed.
    postRestore of [ipm] has started.
    postRestore of [ipm] has completed.
    postRestore of [upm] has started.
    postRestore of [upm] has completed.
    postRestore of [cvw] has started.
    postRestore of [cvw] has completed.
  Restored successfully.
  Are this errors going to affect our LMS 4.2 operations?
  Then we have upgraded to LMS 4.2.2 and exported data and credentiales for PI import.
  On PI 1.3 we have installed WCS 500 devices upgrade license and LMS 1500 upgrade license and now we are having 2000 devices lifecycle license. We have successfully restored WCS data in PI and we have imported LMS devices as bulk import. What is strange is that we have this message in prime regarding licensing:
  On LMS 3.2 our customer had saved unlimited number of configuration versioning. After upgrading to LMS 4.2 we can only see last 3 configurations regardless of unlimided number of configurations in previous LMS, so my question is where can we find older configurations in LMS 4.2?
  We are planning to turn unlimited versioning on CPI 1.3 now, so our customer will again have feature that they need. Do you have some experiance regarding disk space when all device configurations are stored forever?
  Thank you for your help.
  Regards,
  Jelena

• Can vlan.dat file be collected using SCP on LMS 4.2 ?

  Hello, I need help regarding vlan.dat file fetch.
  I'm using Cisco Prime 4.2 and VLAN fetch for all devices is currently going over TFTP. Devices managed by LMS are 2960, 4500, 6500 series. All devices are using SSH v2. ACS server is configured on all devices and SSH credentials are OK.
  This is the error meessage I get when i select SCP: "SCP user credentials not available. Configure the SCP user credentials and try again Action: Check if protocol is supported by device and required device package is installed."
  Is it possible to use SCP as VLAN fetch protocol? How to configure this on a devices and how to enter SCP credentials in LMS?
  Thanks.

  I don't think anything other than tftp is supported as the transport protocol for actual transfer of the vlan.dat file from the switches by LMS.
  See this post where Joe C. describes how LMS logs into the target device (via telnet or ssh) and then transfers the files back to itself using tftp. That's about 2-1/2 years old but matches what's described in the current LMS Configuration Management user guide, quoted here:
  "VLAN — Count of the successful VLAN configuration fetches for each protocol. This configuration fetch is supported by only Telnet and SSH protocols."
  You also have the option (as of LMS 4.2) of turning off vlan.dat collection since it is often of limited utility. Please refer to this thread for details.

• Upgrade to Cisco Prime 4.2

  Hi,
  I currently use an upgraded version of LMS 3.2 SP1 for 1.5K devices and I've managed to persuade the finance dept that I need to upgrade to 4.2.
  My question is regarding the upgrade process because I currently use a physical Windows server and need to use a VM on a UCS Blade for the new version. In the documentation I've found makes reference to the fact that I need to perform a remote upgrade from one system to the other but I want to start with a clean slate and don't really want to transfer all the discovered devices or current jobs to the new install.
  All I want to do is make sure that the version we're purchasing (upgrade from 3.2 SP1 for up to 300 devices) is properly licensed. I was going to download the eval version, install it on the VM and then apply the license but it's the "applying the license" part that I'm concerned with. From what I've read it looks as though I need to perform a normal backup and then migrate all the data across to the new installation. Is there a way to just transfer the license details or do I have to follow the complete process then delete everything I don't want so that I can start again?
  Thanks in advance for any help.
  Mark.

  Hi Mark,
  if you want to start afresh with LMS 42 without migrating the data its completely fine. You dont have to perform remote migration steps and you can start afresh from 0 with new Server.
  For details on which OS are supported please check the guide:
  http://www.cisco.com/en/US/docs/net_mgmt/ciscoworks_lan_management_solution/4.2/install/guide/prereq.html#wp1119955
  In short now only win2k8 and Sol 10 and a OVA linux soft appliance is available for VMWare.
  Yes you can install the Eval copy of LMS 4.2 and whenevry you apply license before the expiry of Eval it becomes a licensed software with lic device limit.
  Point to notice is in Eval mode only 100 devices are supported so more than that will not be managed by LMS 4.2, hence add more devices once you apply license.
  Installing license is easy task too, see Installing the License File.
  As a suggestion to get devices more faster on your new LMS 4.2 is you can export the DCR devices with credentials from LMS 3.2 and import DCR back on LMS 4.2, which will get all the device list without older data. Else a Standard Device  Discovery in LMS 4.2 should be able to do the job easily as well.
  -Thanks
  Vinod

• Infrastructure 2.2 using config mode to collect configs?

  I am running Cisco Prime LMS 4.2 and Cisco Prime Infrastructure 2.2 in parallel.  I just exported the device list and credentials from LMS and imported them into Infrastructure.  LMS has syslog alerts set up to notify the boss when "Configured from console by ..." messages get logged.  These messages typically come out whenever someone exits config mode, whether any actual changes were made or not.
  Basically, the boss got alerts from LMS for every device imported into Infrastructure, caused by something that Infrastructure itself did.  The only thing that I can see that Infrastructure did was collect the configs.  I haven't found that any changes were actually made.  So apparently Infrastructure uses config mode to collect the configs?  What in the world for?
  Thanks for any insight.
  Dave

  More information.  I have a few old devices that are still using telnet instead of ssh, and also have a packet capture appliance that captured all of this discovery traffic from PI.  I filtered out the trace from one of these telnet devices and found the following sequence among a bunch of different show commands:
    config t
    ip nbar ?
    ip nbar
    exit
  In the particular case of this device, the responses to the ip nbar config commands indicated that the device is not capable of doing nbar.  Your mileage may vary.
  Dave

• CiscoWorks LMS3.2 to Prime 1.2

  Hi
  Does anybody knows what´s the path to upgrade to Cisco Prime 1.2?
  Or if it is possible to install directly Prime 1.2, with what licencing?
  I have Ciscoworks LMS 3.2
  Thanks for your help

  There is no direct migration from LMS 3.x Prime Infrastructure. Usually, Cisco Prime Infrastructure 1.2 also includes the software and licenses to use Cisco Prime LMS 4.2.
  In case you want the data, you have to migrate the data by taking backup and restoring it to CPI from LMS 4.x. LMS 3.x has also reached end of engineering and data migration is not possible. 
  As with CPI 1.2 you have LMS 4.2 licenses as well, you can have direct inline upgrade to LMS 4.2 on top of LMS 3.2 server.
  The Prime Infrastructure 1.2 (bundle) includes:
  •Prime Infrastructure 1.2 (product) - replaces Cisco Prime NCS 1.1 and NCS (WAN) 1.1
  •Prime LMS 4.2
  It's important to clarify that when we're talking about migrating from LMS to Prime Infrastructure, the only data involved is an inventory of the devices themselves.  There is no migration for historical data, network diagrams, users,
  etc.  The data that gets brought over is simply the inventory.  Therefore the migration consists of exporting the devices into a spreadsheet in LMS, and using the bulk import feature in PI to import the CSV file.  Unfortunately there were some slight issues with the formatting of the exported spreadsheet versus what is needed to import into PI. Therefore some manual manipulations are required to get it to work.
  With LMS 4.2.2, there is a way right from the web interface to export the device list with credentials that can be consumed by Cisco Prime Infrastructure. The device list can be exported from Administration > Export Data to Cisco Prime Infrastructure (under System). Then select Export Device List and Credentials from the export options.
  Once you have the exported device list with credentials from LMS 4.2.2, it can be imported into Cisco Prime Infrastructure 1.3 by navigating to Operation > Device Work Center > Bulk Import.
  Only migration supported from LMS to PI 1.2 is the device credential repository (DCR) information. We only support direct LMS4.2.x DCR to PI 1.2 exports/imports directly, but you could export from LMS 3.2 to CSV, then modify the CSV file to match what PI 1.2 is looking for, then import that data.
  -Thanks
  Vinod
  **Encourage Contributors. RATE Them.**

• LMS 4.01 :credentials vérification SSH enable don't work

  I have a 3750 with tacacs authentication on Cisco Acs.
  in SSH on the active element no worries.
  I filled  the credentials of the device in lms add/import managed device
  But in inventory audits and credentials to create a job with verification to enable ssh mode user name and password,
  the job failed.
  Is this a known problem?
  Have an idea?
  Regards
  Philippe

  Hi,
  Thanks for the update and glad it fix the issue. Kindly close this thread so that it will be helpful for other too.
  Summary :- If you have customized prompts configured on the device that means when you try to login to device the Username --> look like "username" (notedown the lower case of "u") and Password --> password (notedown the lower case of "p"), in this case you need to put these credentials on tacacsprompts.ini file that is located at
  CSCOpx\objects\cmf\data
  So that file look like :-
  [TELNET]
  USERNAME_PROMPT=username:
  PASSWORD_PROMPT=password:
  After making the above change. LMS will try to login to device with lower case username and password and thus most of the issues like device credentials report and Sync Archive for the devices will be fixed.
  Many Thanks,
  Gaganjeet

• LMS 3.2 credentials/username question

  I recently installed the trial version of LMS 3.2 on a single server (10.1.1.1).  Now my head is spinning over what credentials i'm using vs authorization to modify a routers config vs device config. etc etc.
  I've added a bunch of devices, but I cannot configure any devices via LMS.
  I added a user called lmsuser to my routers/swiches.
  I added the loggin 10.1.1.1 comment to my routers/switches.
  I added read and write community ("readstring" and "writestring" strings to my routers/switches).
  Question
  1) I currently log into the portal using username: admin.  Is this used anywhere other than getting into the portal?
  2) I created a credential set called "firstset" with a user called lmsuser and readstring and writestring community strings.  Do I need to do something to associate "firstset" with each device in the DCR?
  3) When configuring RME credentials, do I use the the IP 10.1.1.1?
  4) In cisco view I see views of my devices.  When I right click on a switch interface and select "disable" I end up with an error message about not having permission to make the change.  What secret handshake is required to make this happen?
  I feel like I'm just not connecting the dots here.  Thanks in advance.

  1. No.  These credentials are only used to access LMS applications (the portal, command line, etc.).  They are not used to communicate with devices.
  2. It depends on how you are adding devices to LMS.  Each way (manual add, Discovery, import) allow you to choose a credential set, or use an automatic credential set.  If you choose automatic, then a credential set will be applied to your devices based on the rules you have defined.  Note: credential sets are only automatically applied when a device is added to DCR.  You can choose to manually apply credential sets later, but if you modify a credential set after a device is added to DCR, those changes will not automatically be applied to your existing devices.
  3. I don't understand.  This is the IP of the LMS server.  I'm not to sure what "RME credentials" you are referring, but I can't imagine where you would add 10.1.1.1 with any credentials.
  4. You need an SNMP read-write credential (e.g. community string) configured for the device in DCR (i.e. under Common Services > Device and Credentials > Device Management).

• Cisco Works LMS snmp v3 credentials

  I'm attempting to get a switch managed via SNMP v3 with CiscoWorks LMS 3.1 but I keep getting an error.  I'm using the same User, Group names and also the same auth and priv credentials but I keep getting the error:
  User is not authorized to perform the task on device.
  I'm not sure what I'm missing.

  Hi Florian,
  actually the ACS 5.2 is not supported in CS 3.2
  here is a list of the supported ACS servers under LMS 3.1
  http://www.cisco.com/en/US/docs/net_mgmt/ciscoworks_common_services_software/3.2/user/guide/admin.html#wp865998

• Lms credentials

  Dear all,
  im getting the follwing error
  while i m uploading the file in Csv format
  by modifying the previous one
  Invalidfileformat: no Header information in the input file

  If you are using Excel to edit CSV's make sure to remove the extra characters in the CSV. Here is an example of a modified CSV using Microsoft Excel 2007
  // Microsoft 2007 Saved file with extra padded characters (BEFORE)
  ; This file is generated by DCR Export utility,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
  Cisco Systems NM Data import, Source=DCR Export; Type=DCRCSV; Version=3.0,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
  ;Start of section 0 - Basic Credentials,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
  ;HEADER: management_ip_address,host_name,domain_name,device_identity,display_name,sysObjectID,dcr_device_type,mdf_type,snmp_v2_ro_comm_string,snmp_v2_rw_comm_string,snmp_v3_user_id,snmp_v3_password,snmp_v3_auth_algorithm,snmp_v3_priv_password,snmp_v3_priv_algorithm,snmp_v3_engine_id,rxboot_mode_username,rxboot_mode_password,primary_username,primary_password,primary_enable_password,http_username,http_password,http_mode,http_port,https_port,cert_common_name,secondary_username,secondary_password,secondary_enable_password,secondary_http_username,secondary_http_password
  10.1.1.1,CoreSwitch1,test.com,,CoreSwitch1,,,,,,,,,,,,,,,,,,,,,,,,,,,
  ;End of CSV file,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
  // You must clean up the extra characters (AFTER)
  ; This file is generated by DCR Export utility
  Cisco Systems NM Data import, Source=DCR Export; Type=DCRCSV; Version=3.0
  ;Start of section 0 - Basic Credentials
  ;HEADER: management_ip_address,host_name,domain_name,device_identity,display_name,sysObjectID,dcr_device_type,mdf_type,snmp_v2_ro_comm_string,snmp_v2_rw_comm_string,snmp_v3_user_id,snmp_v3_password,snmp_v3_auth_algorithm,snmp_v3_priv_password,snmp_v3_priv_algorithm,snmp_v3_engine_id,rxboot_mode_username,rxboot_mode_password,primary_username,primary_password,primary_enable_password,http_username,http_password,http_mode,http_port,https_port,cert_common_name,secondary_username,secondary_password,secondary_enable_password,secondary_http_username,secondary_http_password
  10.1.1.1,CoreSwitch1,test.com,,CoreSwitch1,,,,,,,,,,,,,,,,,,,,,,,,,,,
  ;End of CSV file

• LMS 4.0 - credentials

  Hello,
  I installed new switchs on my network and I have others credentials than the oldest switches. I created a new credential set name with my new username and password (Admin -> Network -> Device Credential Settings -> Default Credential Sets)
  I'm not sure if it's the good way how to apply this new profile to my new switches. I created a default credential sets policy configuration with the hostname for my new switchs and the credential sets to use.
  I generated a verfication credential report but the result is that I have not the correct account and password for Telnet and SSH.
  Could you please help me?
  Thanks.

  A little mistake. Not only CFM, all LMS4.0 modules cannot SSH to the managed switches.
  Regards
  Hubert

• Upgrade from LMS 3.0.1 to LMS 3.1 or 3.2 and problem with devices update

  Hello
  How to upgrade from LMS 3.0 December 2007 update to LMS 3.1 or LMS 3.2. The problem is the large number of C2960S-24TS-L  switches that my organization has and cannot managed them..
  I tried to upgrade devices through Software Center but always Ciscoworks informs me with the following message.
  "Error while downloading package information from Cisco.com for the selected  products. See the log file for details".
  Also i can not run EOL/EOS inventory report. The message is
  " INVREP0102: Cisco.com user credentials are invalid. Enter correct credentials." I check my credentials and is right.
  The server  has access to www through proxy without any restrictions.
  In the past I've already updated devices through the software center. Also in the past i ve run EOS/EOL inventory reports.
  The LMS 3.0 December 2007 has the following products
  LMS
  3.0.1
  16 May 2008
  CiscoWorks  Common Services
  3.1.1
  02 Jul 2009, 07:44:58 EEST
  2.
  Campus  Manager
  5.0.5
  11 Oct 2009, 07:36:10 EEST
  3.
  CiscoView
  6.1.7
  02 Jul 2009, 07:45:05 EEST
  4.
  CiscoWorks  Assistant
  1.0.1
  02 Jul 2009, 07:45:05 EEST
  5.
  Device Fault  Manager
  3.0.5
  12 Jun 2010, 07:31:48 EEST
  6.
  Internetwork Performance Monitor
  4.0.1
  02 Jul 2009, 07:45:11 EEST
  7.
  Integration  Utility
  1.7.1
  02 Jul 2009, 07:45:14 EEST
  8.
  LMS Portal
  1.0.1
  02 Jul 2009, 07:45:16 EEST
  9.
  Resource  Manager Essentials
  4.1.1
  02 Jul 2009, 07:45:17 EEST
  Has anyone knows what can be the problem??.
  Thanks

  Hi,
  the problem to access cisco.com is because of a "bug". Its ID is CSCto46927.
  http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCto46927
  Symptom:
  After the 16th of June 2011 LMS will no longer  be able to download Software and Device Package updates, or PSIRT and  End of Sale/Life information from CCO
  Conditions:
  Hosted  services in Cisco.com that are being leveraged by LMS, for downloading  the latest Software and Device Package updates, as well as the PSIRT and  End of Sale/Life information are being migrated to a new framework and  the old services will be retired.
  This will affect all LMS 3.x and 4.x versions.
  Refer to https://supportforums.cisco.com/docs/DOC-16806 for more information
  Workaround:
  Users of LMS 3.2.1 , 4.0 should install the patch that can be downloaded from cisco.com
  Users of earlier version will need to upgrade to LMS 3.2 and then install the LMS 3.2 SP1 patch set before installing the patch"
  Because of that it is necessary to upgrade not only to 3.1 or 3.2, you need 3.2.1 to get the patch and then access to cisco.com again.
  The question about the better way for updating I can't answer. I did a update to 3.1 and then to 3.2. But I think you will find the requirements for the updates in the notes for them.
  But I can't find LMS 3.1 in the cisco download center. There is only 3.2 and 3.2.1 available for me.
  Sven

• Upgrading to LMS 4.0.1

  After the installation LMS 4.0 I make Upgrading on LMS4.0.1. The process remains stand with the message "File Copy in progress..." during several hours. After the Reboot of the server it points me Cisco Works again with LMS 4.0 starts.
  OS Version: Windows 2008 R2

  Hi
    Does any one know how to setup the Lms 4.0 i have loaded LMS 4.0 and also configured all basic settings, i am able to figure out how to add the device and check the verison treee etc,,
  after adding the device and try to veiw the device the below error message getting.,,
  The device is not available in the device credentials repository or you are not authorized to view the device details.
  i am using admin account to do this job.
  can some one help me on how to add device into lms 4.0 and check the config .
  SS

• Config collection fails occasionally in LMS 4.2

  Hello,
  In recently installed  LMS 4.2 archive collection is failing from time to time for random number of devices with error:
        "Execution Result: CM00139 Could not archive config Cause: Action: Verify that device is managed and credentials are correct. Increase timeout value, if required."
       We have sceduled config collection job to run every day. Credentials are ok. The LMS data is restored from LMS 3.2. Timeout seeting is the same as in LMS 3.2 and we never had this problem before.
       Somtimes it is working for 10 days correctly, and then one day it is not successful for 70 out of ~150 device. Then t is successfull for few days, then again fails for  86 devices. Collction is scedueld in the evening so devices are not overloaded, nor there is some other job in LMS running at the same time.
       Any ideas?
       Thanks,
       Marija
  I

  The following did resolve my issue
  The bug is fixed in the one of the latest device packages for LMS, SharedSwimIOS.RME525.v2-13-3. The release notes for it is here: http://www.cisco.com/web/software/283418817/118429/SharedSwimIOS.RME525.v2-13-3.readme.txt
  Before applying that device package update, the following prerequisites need to be met:
  - LMS 4.2.5
  - MDF 1.92 (or higher) update : https://software.cisco.com/download/release.html?mdfid=284259296&flowid=37207&softwareid=283716219&release=Mdf.%201.92&relind=AVAILABLE&rellifecycle=&reltype=latest
  - LibSwim.RME525.v2-13-1.zip & SharedDcmaIOS.RME525.v5-1-2.zip device packages already installed. Those two files and the  SharedSwimIOS.RME525.v2-13-3 file can be found here: https://software.cisco.com/download/release.html?mdfid=284259296&flowid=37207&softwareid=283418817&release=AutoDev%285.8%29&relind=AVAILABLE&rellifecycle=&reltype=latest