Integrated CSM + ACS - DCR Device Wizard

Hi there,
I've integrated CSM v3.3.1 into ACS v4.1.4 within Common Services/AAA Setup and setup a Bulk Import of Devices from ACS into Common Services.  Have also setup default device credentials.
This seems to be working fine, in that I can login to CSM using credentials from ACS and the CSM Device and Credentials list shows all my network devices imported from ACS.
Again I've logged into the CSM Client using credentials from ACS but I don't seem to be able to "Add Devices From DCR", the only option I have is to import from an export file from DCR.   The problem here is that the export file contains all the default device credentials which I don't want users to know.
Have I missed something?
BAsed on the User Guide I'm expecting there to be an "Add Devices From DCR Wizard".
Thanks
Michael

OK,
I have got to the bottom of this now.
I was reading the CSM 3.1 User Guide which I'd downloaded in the past, assuming that Cisco wouldn't remove a feature in a later release, just add/improve/fix features.
Obviously not, having downloaded the CSM 3.3 User Guide it is obvious that the "Add Devices from DCR" option has been replaced with "Add Devices from File".
To double-check this I've done a clean install of CSM 3.1 and the different outputs from the client showing the change are attached.
The function does still exist in Performance Monitor however.....
Therefore the only options are to either:
Export the devices/credentials from DCR and import into CSM
Means that people with access to the server (e.g. IT Department) have potential access to the export files containing master device credentials of firewalls which obviously is no use in a secure environment 
Have the firewall/security administrators manually add each device to CSM supplying necessary credentials
This is OK to an extent, except that we are trying to maintain a secure environment with "role seperation" and traceable named accounts, hence the integration to ACS.
Rather than being able to set a complex "default credential" once which would then be destroyed/forgotton, this now means that the Firewall/Security administrator needs to know the master/generic admin account which is used by CSM to access the devices, which he/she could use instead of their named ACS account!
None of this is very "secure" for a supposed security product
Is there a way to re-instate the "Add Devices from DCR" option in client versions CSM 3.2+ ?
Is there a way to set "default credentials" in CSM like you can in Common Services, so that administrators don't need to know them (e.g. have them written down) so they can be set each time a device is added ?
Thanks
Mike

Similar Messages

  • DM Switch Device Wizard prompts in another language?. German maybe?.

    I recently switched from a Palm Treo 700p to a red Blackberry Curve 8330.  I installed the Desktop Manager using the User Tools CD and updated it to the most current version (4.7) without running into any problems.  However, when I try to use the Switch Device Wizard to transfer my contacts and calendar to the Curve, the wizard dialog box appears in a language other than English with all options and buttons grayed out except Cancel.  I've searched everywhere online, but I have not been able to find a similar occurrence or fix.  Can anyone please help me with this issue?
    BTW, here are some additional information about my devices and computer.
    Palm Desktop Manager v 6.2.2
    Palm HotSync v 7.0.2
    Palm OS Garnet v 5.4.9
    LAPTOP
    Windows XP Pro SP3
    Outlook not installed
    Both the Treo and Curve are on the Sprint network.

    Hi,
    Visual Voicemail?
    Vendors are coming out with it, Youmail has a an app for it.
    Take a look on the web, I don't use it so I can't recommend.
    Voice Recognition:  Vlingo!  Personal recommendation on this one! I ran it on my Curve and Storm!
    The basic program is free, &17.99 for the plus version one time fee.
    http://www.vlingo.com/vlingo/blackberry.jsp 
    Can't do much for the touch screen!
    Thanks,
    Bifocals
    Click Accept as Solution for posts that have solved your issue(s)!
    Be sure to click Like! for those who have helped you.
    Install BlackBerry Protect it's a free application designed to help find your lost BlackBerry smartphone, and keep the information on it secure.

  • Can't get the Switch Device Wizard to work - HELP:

    currently using version 4.3.0.17 of the Blackberry desktop manager and version 4.2 of the Palm desktop.  When I try to use the Switch device wizard, I get to the screen where it asks me to select the software, either the Palm Treo or the Windows Mobile and I can't go any further.  I can see the tick boxes but it won't let me select anything and the program doesn't do anything, i.e. no activity.  Any suggestions?  Has anyone actually gotten this to work?  Thanks,
    Pat

    Hi and welcome to the forum!
    Try this link and see if it answers your questions:
    http://supportforums.blackberry.com/rim/board/message?board.id=8300&message.id=6192&query.id=147130#...
    Please let me know!
    Click Accept as Solution for posts that have solved your issue(s)!
    Be sure to click Like! for those who have helped you.
    Install BlackBerry Protect it's a free application designed to help find your lost BlackBerry smartphone, and keep the information on it secure.

  • Cisco Prime NCS integration with ACS 5.1

    Hello,
    We've an issue with authorization on NCS system. NCS successfully integrated witch ACS, but there is a problem with one user. All users have equivalent rights under root. There is shell profile with all possible tasks (exported from NCS server) configured on ACS. All users exept this one (unlucky one:)) authorizes successfully.  In  ACS logs, authentification and authorization status for this user is passed and all attributes (policy, profile, AV-pairs e.t.c.) is the same as for another users. This 'unlucky' user gets a following message:
    There is surely no browser or network issue. Tried from different PCs with same result. There is no any local info related to this username on the NCS server. When i change one charecter in the username on his ACS account, everything works well. What could be a possible reason of this behaivour?  Thanks!
    Our ACS v
    Version 5.1.0.44.X
    And NCS
    Version : 1.1.2.X

    this question should be moved to the Security > AAA forums as this sounds more like an ACS issue than NCS.
    HTH,
    Steve
    Please remember to rate useful posts, and mark questions as answered

  • Any alternative to Switch Device Wizard

    I had to get a new Blackberry 8320 because the port for charging or backing up the phone died.  All my backed up data is now trapped in a file on my PC and I can't used Switch Device Wizard because I can't get a connection to my old Blackberry.  Anyone know of an alternative way to uploading the data into my new Blackberry?

    KB14058 How to delete all data and applications from the BlackBerry smartphone using the Wipe Handheld option
    KB16307 Actions performed by the BlackBerry smartphone during the removal of stored user and application data
    Occam's Razor nearly always applies when troubleshooting technology issues!
    If anyone has been helpful to you, please show your appreciation by clicking the button inside of their post. Please click here and read, along with the threads to which it links, for helpful information to guide you as you proceed. I always recommend that you treat your BlackBerry like any other computing device, including using a regular backup schedule...click here for an article with instructions.
    Join our BBM Channels
    BSCF General Channel
    PIN: C0001B7B4   Display/Scan Bar Code
    Knowledge Base Updates
    PIN: C0005A9AA   Display/Scan Bar Code

  • Can WAE be integrated with non-cisco devices?

    So far, all documentation that I read, WAE is used in conjunction with Cisco devices.  Can WAE be integrated with non-cisco devices? 
    I guess, In-line mode should work ok, but how about off-path mode?  An example or link will be appreciated.
    Thanks!
    Joe

    Hi Joe,
    It should be possible to use WAAS with non-cisco routers, as long as they support WCCP.
    There are no documents on this because, the configuration from WAAS point of view would be the same, and the router configuration would depend on the vendor.
    Regards
    Daniel

  • Switch device wizard freezes (Palm T|X to BlackBerry Pearl)

    I am trying to transfer my calendar from my Palm T|X to my new BlackBerry Pearl.  I realized I didn't have the correct version of the Palm software, so I uninstalled it and downloaded the right one.  It synced correctly with my Palm, so my calendar is correct in the Palm Desktop software.  When I open the BlackBerry Desktop Software and try to run the Switch Device Wizard, it recognizes that I have a Palm, and starts transfering.  It gets to 1435/1536 calendar events and freezes.  The program becomes non-responsive, and I've had to use the task manager to kill it several times.  I've read several similar posts, none of which ever seem to be resolved, and I'm a bit concerned.  I'd appreciate any help.

    Cami,
    Unplug the BB for the first part of the Switch, and plug it back in when it asks.
    And correct--Outlook is the best and most common option for organizing your BB data on the desktop and syncing back to the BB.
    1. If any post helps you please click the below the post(s) that helped you.
    2. Please resolve your thread by marking the post "Solution?" which solved it for you!
    3. Install free BlackBerry Protect today for backups of contacts and data.
    4. Guide to Unlocking your BlackBerry & Unlock Codes
    Join our BBM Channels (Beta)
    BlackBerry Support Forums Channel
    PIN: C0001B7B4   Display/Scan Bar Code
    Knowledge Base Updates
    PIN: C0005A9AA   Display/Scan Bar Code

  • Switch Device Wizard

    If I am getting a repalcement Blackberry (8820)- same model as I currently have; would you reccomend that I use the Switch Device Wizard instead of the backup/restore process? Or would the restore process get me the same data?
    Thanks

    Restore process in switch device wizerd will the same thing of backup and restore. In addition it also bringing all the application that you're using in your previous device and restore your enterprise activations.
    tanzim                                                                                  
    If your query is resolved then please click on “Accept as Solution”
    Click on the LIKE on the bottom right if the post deserves credit

  • Switch Device Wizard vs Backup/Restore Option

    If I am getting a repalcement Blackberry (8820)- same model as I currently have; would you reccomend that I use the Switch Device Wizard instead of the backup/restore process? Or would the restore process get me the same data?
    I have an Enterprise Outlook email address (from my employer) and some downloaded links for news, weather, finance, etc. I have setup my currently blackberry the way that I would like the new one to be. Is that possible with either the Switch Device or restore process?
    For the application loader - if I have Windows Vista Business on my laptop and Office 2003 or 2007, can I download the Microsoft applications to my Blackberry? Is that how the application loader functions?

    If you're on a BES, your data, including your Browser Shortcuts, Profile Preferences will be restored to your device from the BES when you run the Enterprise Activation.
    For information on what databases are NOT backed up, check here:
    http://www.blackberry.com/btsc/search.do?cmd=displayKC&docType=kc&externalId=KB11101 
    For a list of databases, check here:
    http://www.blackberry.com/btsc/search.do?cmd=displayKC&docType=kc&externalId=KB03974 
    No, you can not install applications like Office 2007 on your BlackBerry.  For a pretty long list of applications you CAN install on your BlackBerry (most with OTA or Over The Air installations available), check here:
    http://blackberryforums.pinstack.com/blog.php?b=322
    Jerry

  • All the devices not showing after CSM integration with ACS

    Hi all
    I integrated ACS with CSM and added all the security devices into ACS as client devices.But after integration with with ACS only few devices are shown in the CSM when i logged in as super admin.for all other users (system admin,network operator etc.),no devices are shown in the CSM.Please give me a solution to solve this.

    Did you have devices already in CSM when you integrated it into ACS ? Did you make sure that the hostname of the devices is exactly the same in acs and csm ?

  • LMS 4.x -- Integration of ACS v5.x

    Hi all,
    I was wondering why LMS 4.x isn't able to fully integrate ACS v5.x Device in Inventory.
    We added our ACS-Applicance (plz see show ver)
    Cisco Application Deployment Engine OS Release: 1.2
    ADE-OS Build Version: 1.2.0.228
    ADE-OS System Architecture: i386
    Copyright (c) 2005-2009 by Cisco Systems, Inc.
    All rights reserved.
    Hostname: A1
    Version information of installed applications
    Cisco ACS VERSION INFORMATION
    Version : 5.3.0.40
    Internal Build ID : B.839
    but only little integration was possible (no detailed inventory, no config fetch, ...)
    SNMP-OID was discovered as non-cisco (Prime Computer)
    dcrcli> detail id=3642
    Display Name = A-1, Device ID = 3642
         MDF Type : Unknown Device Type
         Sys Object ID: 1.3.6.1.2.1.47.1.1.1.1.13.1
         IP Address: 10.100.207.11
         Host name: A-1
         Domain name: xxx.net
         Primary Username: <Value specified>
         Primary Password: <Value specified>
         Primary Enable Password: <Value specified>
         SNMP V2 RO Community String: <Value specified>
         SNMP V2 RW Community String: <Value specified>
    No Inventory-Packages are available via CCO to download.
    Does anybody of you out there know whether there are any plans to fully integrate ACS devices?
    In our Company ACS will be used for 802.1x authentication, and is quite important.
    So we would like to fully manage this Cisco-Device with Cisco's element management tool available (LMS)!
    Thanks for any feedback
    Lothar

    Cisco Prime LMS is not designed to manage appliances like the ACS. ACS is not on the LMS supported device list and I would doubt that it would be as LMS's functions are mostly not applicable to the appliance or software running on it.
    You can use ACS as an authentication source for LMS, but authorization is still role-based according to the local accounts on the LMS server.

  • Cisco Security Manager - Integration with LMS/DCR

    Following on from my posts in:
    http://forum.cisco.com/eforum/servlet/NetProf?page=netprof&forum=Network%20Infrastructure&topic=Network%20Management&topicID=.ee71a02&fromOutline=&CommCmd=MB%3Fcmd%3Ddisplay_location%26location%3D.2cc16e9f
    How do I configure CSM so that I get the option to "Add Device from DCR" rather than having to export/import the devices manually?
    Many thanks

    Any ideas?

  • LMS 3.1 Slow after integrating with ACS

    Dear All, have any one faced issue of slowness after integrating LMS3.1 with ACS4.2. I dont know how can I resolve this issue. Is there any patch to resolve it...
    Any kind of help will be very helpful.

    I'm using LMS 3.2 into ACS 4.0 and it actually seemed a bit faster after ACS integration. Nothing I measured but subjectively it seems faster. Both my servers are on Windows and the ACS is across the WAN from my CiscoWorks.
    How do your devices fare with their ACS? You can debug tacacs at the router/switch level as one tool. I'm sure one of the cisco guys on here will point you to one of the many logs that LMS generates, possibly with debugging activated, to dig deeper there also.

  • LMS 3.2 integration with ACS 5.1

    Hi
    Is it
    /* Style Definitions */
    table.MsoNormalTable
    {mso-style-name:"Table Normal";
    mso-tstyle-rowband-size:0;
    mso-tstyle-colband-size:0;
    mso-style-noshow:yes;
    mso-style-priority:99;
    mso-style-qformat:yes;
    mso-style-parent:"";
    mso-padding-alt:0cm 5.4pt 0cm 5.4pt;
    mso-para-margin-top:0cm;
    mso-para-margin-right:0cm;
    mso-para-margin-bottom:10.0pt;
    mso-para-margin-left:0cm;
    line-height:115%;
    mso-pagination:widow-orphan;
    font-size:11.0pt;
    font-family:"Calibri","sans-serif";
    mso-ascii-font-family:Calibri;
    mso-ascii-theme-font:minor-latin;
    mso-hansi-font-family:Calibri;
    mso-hansi-theme-font:minor-latin;
    mso-bidi-font-family:"Times New Roman";
    mso-bidi-theme-font:minor-bidi;
    mso-fareast-language:EN-US;}
    possible to integrate LMS 3.2 with ACS 5.1? I know it works with ACS 4.X, but I can't get it to work with ACS 5.1.
    Here is a link to how to do it with ACS 4.X:
    http://www.cisco.com/en/US/prod/collateral/netmgtsw/ps6504/ps6528/ps2425/prod_white_paper0900aecd80613f62.html
    Regards
    Reidar

    /* Style Definitions */
    table.MsoNormalTable
    {mso-style-name:"Table Normal";
    mso-tstyle-rowband-size:0;
    mso-tstyle-colband-size:0;
    mso-style-noshow:yes;
    mso-style-priority:99;
    mso-style-qformat:yes;
    mso-style-parent:"";
    mso-padding-alt:0cm 5.4pt 0cm 5.4pt;
    mso-para-margin-top:0cm;
    mso-para-margin-right:0cm;
    mso-para-margin-bottom:10.0pt;
    mso-para-margin-left:0cm;
    line-height:115%;
    mso-pagination:widow-orphan;
    font-size:11.0pt;
    font-family:"Calibri","sans-serif";
    mso-ascii-font-family:Calibri;
    mso-ascii-theme-font:minor-latin;
    mso-fareast-font-family:"Times New Roman";
    mso-fareast-theme-font:minor-fareast;
    mso-hansi-font-family:Calibri;
    mso-hansi-theme-font:minor-latin;
    mso-bidi-font-family:"Times New Roman";
    mso-bidi-theme-font:minor-bidi;}
    Thanks Reidar.... hmm very strange. I really wish an expert would respond to this thread as it will help a lot of people who might be planning to deploy these versions and they can help put this matter to rest once and for all. Not sure why LMS 3.2 will not support ACS 5.1 and it might help to know when it will (updates etc). Kindly let me know if you get any further information. My deployment is so large that setting a local username and password on all the devices is not an option unfortunately .......

  • LMS PRIME 4.2 integrating with ACS 4.2

    Hello,
    i would like to integrate new lms prime 4.2 with acs.4.2 . .. !!
    is there document or user guide for this version of lms?
    Thanks in advance.
    Marwan

    IN LMS 4.2 there is nothing which is known as Integration (like LMS 3.x), since it added feature RBAC.
    Now ACS can just be used as PAM to have ciscoworks authenticated for Tacacs+ or Radius. After the auth is done, you should have a authorization set in LMS locally for user, else it will be given a default HELP DESK access.
    For more details check :
    Authentication Using Login Modules - Overview
    -Thanks

Maybe you are looking for

  • Why does itunes store not work with windows 8

    every time i try to sign into itunes store i get an error code or itunes shuts down

  • No iweb with my ilife

    i bought a new mac mini some months ago..i suppose to have i web in it but i don't have one..incase i do have iphoto, garage band and imovie

  • Display Vertical scroll bar by default

    I am not getting vertical scrollbar in JEditorPane.Here a sample Code. TRy to replace the image with available image of size greater than 800*400.(so that you will get a scrollbar). After running this code you will find that horizantal scrollbar appe

  • Property Metadata don't change when deploying project

    Hi, 1.) I used this help http://help.sap.com/saphelp_nw2004s/helpdata/en/44/2dff5a13363f0ae10000000a114a6b/content.htm to create my own commands, uicommands, etc. 2.) I also created manually in: System Administration => System Configuration => Knowle

  • 10.7, Aperture

    I have read many of the blogs on 10.7,Aperture, and printing with the Canon 9500 MarkII. I downloaded the most recent drive that was suggested but still, my prints are so poor. Is it a combination of 10.7 and Aperture? If I switch to LR will I have n