LMS4 user tracking dynamic update switch configuration

Similar Messages

• Update Switch Configuration from Switch Executive 2.1 to 3.5

  Hi everybody,
  I tried to update from Switch Executive 2.1 to 3.5 and had to find out, that my configurations have stoppped working. To me, it looks like 3.5 doesn't like my IVI configuration for the switching modules.
  The Verify function in MAX tells me that the PXI cards are not accessible. The frontpage of the switch configuration shows no configurations / terminal blocks.
  Since the configuration consists of nine matrix cards with a lot of hardwires, I'd really appreciate a way to properly import the old configurations (xml files are available)
  Any ideas?
  Cheers
  Oli
  Programming languages don't create bad code, programmers create bad code....
  Solved!
  Go to Solution.

  Hey Oli,
  Background:
  By default, NISE 3.5 and later use the DAQmx API (instead of IVI) to directly control switch modules.  This is different from previous versions, which required setting up an IVI session for each NI Switch module.  You can still use IVI with NI Switch modules in NISE 3.5 and later, but this is not the default behavior.
  The KB Sebastian referenced lists three different upgrade paths to use exported IVI Virtual devices in NISE 3.5 and later.  As you've discovered, NISE 2.1 has fewer export formats, so we'll need to take the following steps:
  Assumptions:
  You have virtual devices created in NISE 2.1 (file format doesn't matter).
  IVI Sessions and Logical names haven't been setup on your NISE 3.5 machine:
  Action items:
  Create IVI sessions and logical names.  You could manually create the IVI sessions (as mentioned in the KB), but there's a MUCH easier method:
  Right click on the NISE Virtual Devices tab and select 'Create New':
  Click the 'auto create IVI devices' button.  A dialogue will pop up... just click yes:
  The NISE Create Virtual device window should now look like this:
  Notice that we now have IVI devices.  Sweet!  So now just click cancel (yes, cancel)... we only used this dummy virtual device to simplify the IVI creation process.
  If you look in MAX, it'll appear as if there still aren't any IVI devices:
  Fear not, all we need to do is refresh.  To do this, hit F5, and voila!:
  So now all you need to do is change the IVI Logical name to whatever your old IVI Logical name was and then import as normal. 
  At this point, you should be operational using IVI devices in NISE 3.5 (if not, post up).  If you'd like to go one step further and upgrade to purely DAQmx calls, just follow the steps in the 'Upgrading from IVI to NI-DAQmx' section.  Note that once you've upgraded to DAQmx, you'll only be able to use exported Virtual devices with NISE 3.5 and later.
  Have a great day!
  -John Sullivan
  Analog Engineer

• Dynamic User Tracking

  I would like to get the real time updates on end hosts on my switches. From reading other posts it sounds like I need to do the following:
  1. Configure DHCP snooping on the switches.
  2. Enable the mac notification traps on the switches and verify they are being sent to LMS.
  I have catalyst 4000 and 4500 access switches. I've read that I may have problems with how LMS will handle the traps from the 4500 switches in this post: http://forums.cisco.com/eforum/servlet/NetProf?page=netprof&forum=Network%20Infrastructure&topic=Network%20Management&topicID=.ee71a02&fromOutline=&CommCmd=MB%3Fcmd%3Ddisplay_location%26location%3D.2cd34898
  Has anyone had much luck in getting dynamic user tracking to work with the Catalyst 4500?

  Not really. You'd have to run major acquisitions back to back to back, and that will just put too much strain on the server (and network).

• Dynamic User Tracking Ignoring Traps

  LMS3.2
  Campus Manager 5.2.0
  Set up a switch per instructions and moved a PC from port to port. The Results:
  S0068SWT0CW#sh mac ad not change
  MAC Notification Feature is Enabled on the switch
  Interval between Notification Traps : 1 secs
  Number of MAC Addresses Added : 5
  Number of MAC Addresses Removed : 4
  Number of Notifications sent to NMS : 9
  Maximum Number of entries configured in History Table : 1
  Current History Table Length : 1
  MAC Notification Traps are Enabled
  History Table contents
  History Index 1, Entry Timestamp 954048629, Despatch Timestamp 954048629
  MAC Changed Message :
  Operation: Added   Vlan: 5     MAC Addr: 0024.e8f4.52fe Dot1dBasePort: 4   
  S0068SWT0CW#
  Wireshark on the server shows the SNMP traps arrived at the server, but nothing is logged in the MACUHIC log (all items set for debugging and debugging is enabled)  and nothing shows up in the end host report.
  Trap listener configuration Listen traps from device is checked.
  Dynamic User Tracking Configuration validate trap source by IP address is checked. The source address in validate trap source matches the source shown by wire shark.
  What am I missing? How can I further troubleshoot this?    Thanks

  Trap listener Configuration
  Listen traps from device is selected
  Listen traps from DFM/HPOV is not selected
  trap listener port   1431
  Dynamic User Tracking Configuration
  validate SNMP Community     not selected
  validate trap source is selected
  IP address is 10.67.139.100
  It didn't work with the validate trap source not selected
  I am not using DFM. The device is sending its traps to the server with campus manager.

• Dynamic User Tracking with WS-C4506-E

  Hello,
  I've the following problem, configured dynamic user tracking on a
  WS-C4506-E with a WS-X45-SUP6L-E, System image file is a Version 12.2(53)SG2
  Interface configuration:
  snmp trap mac-notification change added
  snmp trap mac-notification change removed
  Global configuration:
  snmp-server enable traps mac-notification change
  snmp-server host xx.xxx.xx.xxx version 2c COMMUNITY udp-port 1431 mac-notification
  mac address-table notification change interval 60
  mac address-table notification change history-size 50
  mac address-table notification change
  #sh mac address-table notification change
  MAC Notification Feature is Enabled on the switch
  Interval between Notification Traps : 60 secs
  Number of MAC Addresses Added : 21509
  Number of MAC Addresses Removed : 21484
  Number of Notifications sent to NMS : 11632
  Maximum Number of entries configured in History Table : 50
  Current History Table Length : 50
  MAC Notification Traps are Enabled
  UTU2 does not found any records for the device name or if I search for a directly connected PC to this switch.

  Where is this Collector Status screen? What dashboard is it on ?
  >> Device Center > Troubleshooting Workflow
  The  fact that you have success for usertracking does not mean you server  receives mac address notification traps. It only means the passive  usertracking has run. The UT results from the other switch may come from  this process.
  >> Yes you're right.
  Only via snoop or packetcapture you can be sure you receive the traps you want.
  >> I set up a packetcapture on the server, the server receives the mac address notification traps on UDP port 1431.
  >>Dynamic user tracking of switches from the same site works...for example I have three WS-C3750V2-48PS-S over >>there.
  Also  if you look at the Collection Sumary in the Inventory -> Device  Status dashboard you may find that some devics fail on usertracking.
  >> Both switches are not under the failed devices.
  >>I'm a little bit confused now.... I can't even start a acquisition manually, LMS says device is not reacheable... but in Device Center (1st picture) "ping", "snmp" etc... is OK...

• IPM and dynamic user tracking not running properly.

  Hello, I've got two problems after a reinstallation of CiscoWorks LMS 3.2.
  Versions of software components:
  LMS-3.2
  Campus Manager-5.2.1
  CiscoView-6.1.9
  CiscoWorks Assistant-1.2.0
  CiscoWorks Common Services-3.3.0
  Device Fault Manager-3.2.0
  Integration Utility-1.9.0
  Internetwork Performance Monitor-4.2.0
  LMS Portal-1.2.0
  Resource Manager Essentials-4.3.0
  First probelm I have sounds pretty much like this thread:
  https://supportforums.cisco.com/message/3064784#3064784
  Source device is a WS-C3560-8PC - 12.2(55)SE1 - C3560-IPSERVICESK9-M
  I configured a IPM collector, if I have a look at the "Collector Management" the collector is running and I can also monitor the running collector.
  But if I have a look at the running config of the switch, there is no ip sla collector configuration but I can see the ip sla statistics via the show command.
  #sh ip sla configuration 135123
  IP SLAs, Infrastructure Engine-II.
  Entry number: 135123
  Owner: ipm|XXXS1077
  Tag: QA-Site1-Site2
  Type of operation to perform: udp-jitter
  Target address/Source address: target ip address/source ip address
  Target port/Source port: 2000/0
  Type Of Service parameter: 0xB8
  Operation timeout (milliseconds): 5000
  Codec Type: g729a
  Codec Number Of Packets: 1000
  Codec Packet Size: 32
  Codec Interval (milliseconds): 20
  Advantage Factor: 12
  Verify data: No
  Vrf Name:
  Control Packets: enabled
  Schedule:
      Operation frequency (seconds): 60
      Next Scheduled Start Time: Start Time already passed
      Group Scheduled : FALSE
      Randomly Scheduled : FALSE
      Life (seconds): Forever
      Entry Ageout (seconds): 3600
      Recurring (Starting Everyday): FALSE
      Status of entry (SNMP RowStatus): Active
  Threshold (milliseconds): 5000
  Distribution Statistics:
      Number of statistic hours kept: 2
      Number of statistic distribution buckets kept: 1
      Statistic distribution interval (milliseconds): 20
  Enhanced History:
  #sh ip sla statistics
  Round Trip Time (RTT) for       Index 135123
  Type of operation: jitter
          Latest RTT: 45 ms
  Latest operation start time: 14:36:31.759 MET Wed Mar 16 2011
  Latest operation return code: OK
  RTT Values
          Number Of RTT: 1000
          RTT Min/Avg/Max: 21/45/60 ms
  Latency one-way time milliseconds
          Number of Latency one-way Samples: 0
          Source to Destination Latency one way Min/Avg/Max: 0/0/0 ms
          Destination to Source Latency one way Min/Avg/Max: 0/0/0 ms
  Jitter time milliseconds
          Number of SD Jitter Samples: 999
          Number of DS Jitter Samples: 999
          Source to Destination Jitter Min/Avg/Max: 0/3/15 ms
          Destination to Source Jitter Min/Avg/Max: 0/1/9 ms
  Packet Loss Values
          Loss Source to Destination: 0           Loss Destination to Source: 0
          Out Of Sequence: 0      Tail Drop: 0
          Packet Late Arrival: 0  Packet Skipped: 0
  Voice Score Values
          Calculated Planning Impairment Factor (ICPIF): 11
  MOS score: 4.06
  Number of successes: 18
  Number of failures: 0
  Operation time to live: Forever
  #sh run all | include 135123
  Any suggestions? Am I right?
  The second problem is about the dynamic user tracking like these theads https://supportforums.cisco.com/message/3135881#3135881 or
  https://supportforums.cisco.com/message/3195492#3195492
  Access switches are configured properly, the configuration ran without any problems with the previous installation.
  No changes done at the configuration, using the default trap listener port etc.
  In the macuhic.log file I get entries like in the attached txt.
  When I try to run a full Campus Manager Data Collection I get the following errormessage:
  Failed to start acquisition: Construction of XML data required for UT is in progress.Please try after some time
  Also any suggestions? Am I right, too?

  By default IP SLA collectors installed by IPM do not appear in the running configuration.  If you want to install the collectors into the running configuration, then set the "Copy IPSLA Configuration to running-config" property under IPM > Admin > Application Settings, then delete and recreate the collector.
  Your Campus problem could be CSCtd49439 (a patch is available by contacting TAC).  However, you should start a new thread for your Campus problem.

• List item with user and/or department field linked + dynamic update of department field

  Hi all,
  I've the mission to create a Sharepoint 2010 list to manage our IT assets.
  An asset is linked to a user or to a department. The user field is not mandatory, the department field yes.
  When creating or updating an item, we should be able to choose a user (person column) and the department should be automatically populated. Or we should also be able to let the user field blank and only choose a department.
  1. How can I manage this ? The user profile service is already configured, linked to the Active Directory. So user and department information is already in the User Profile.
  2. Second constraint : when a user is moving to an other department, the department field should be automatically updated for all items linked to this user. Any idea ?
  Thanks a lot and best regards,
  Steve Roh

  I think you must write some code for this functionality.
  It could be a custom web part or a custom field.

• LMS3.2 - Campus User Tracking - Configure Subnet Acquisition

  Hi,
  under
  "Campus User Tracking - Aministration - Acquisition - Configure Subnet Acquisition"
  Then I have the window with "Perform subnet based acquisition", there is the list with "Available Subnets"
  1.     From where are coming these subnets?
  2.     Where can I configure this list, add/delete subnets?
  Regards Marcus

  These subnets come from the routers that Campus Manager is managing.  You cannot manually add subnets to this list.  They will be discovered automatically from the devices managed by Campus.

• LMS4.1 user tracking not sortable

  in LMS 4.1, under Monitor->Identity Dashboard, i have "user tracking summary" as a portlet, which tells me i have ~ 17,000 users.  when i click the report, it pops up a screen that shows mac address, ip address, hostname, subnet, etc.
  If i try to do ANY filtering, it returns 0 records.  this could be from a specific IP, mac address, device name, or subnet.  i have tried every type of record.  every filter i attempt always ends with 0 records returned, even though in the unfiltered list they show up.  It would be problematic to manually sort through 17,000 users looking for the particular records i need without the ability to use the filter.
  can anyone provide an example of how to filter the User Tracking report? is there some feature in LMS i don't own or have enabled to allow this filtering?
  thanks!

  I can't disagree with your logic, I guess I just assumed such an enterprise solution (that is FAR from cheap) wouldn't require an export of my close to 20,000 records to a .csv in order to do simple sorting.
  I will continue to look for a solution within the application, but if worse comes to worse i guess an export could suffice for some of what i'm trying to do.

• LMS4.2 NullPointerException with no User Tracking?

  I have just got LMS 4.2 soft appliance up and running. When going to Inventory >> Acquisition summary, I get a HTTP 500 error with
  java.lang.NullPointerException.
  That is obviously a bug somewhere (although the TAC engineer disagrees with me). I am just wondering if this is could have been caused by the fact that I have not done any user tracking on this LMS server yet?
  HTTP Status 500 -
  type Exception report
  message
  description The server encountered an internal error () that prevented it from fulfilling this request.
  exception
  java.lang.NullPointerException
       com.cisco.nm.ani.clients.utng.action.UTDiscoveryStatAction.perform(UTDiscoveryStatAction.java:47)
       org.apache.struts.action.ActionServlet.processActionPerform(ActionServlet.java:1786)
       org.apache.struts.action.ActionServlet.process(ActionServlet.java:1585)
       org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:491)
       javax.servlet.http.HttpServlet.service(HttpServlet.java:617)
       javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
       org.ajaxanywhere.AAFilter.doFilter(AAFilter.java:46)
       com.cisco.nm.cmf.util.AccessLogFilter.doFilter(AccessLogFilter.java:128)
  note The full stack trace of the root cause is available in the Apache Tomcat/6.0.33 logs.
  Apache Tomcat/6.0.33

  Usertracking is on by default so after some time it should have gathered UT info.
  You need devices in campus 'Topology' of course.
  UT is a subprocesses of ANIServer so you can't see it running, you can only see it in the status of the collection summary view.
  You can crank up the debug levels to see whats going on.
  Cheers,
  Michel

• Campus Manager User Tracking Report - dot1xEnabled = False

  The Campus Manager User Tracking Report has the dot1xEnabled field that is always false.
  It was my understanding that the switch will send SNMP Trap Notifications to Cisco Works regarding the status of 802.1x authentication per port.
  We have configured per port:
  snmp trap mac-notification added
  snmp trap mac-notification removed
  and globally
  snmp-server host x.x.x.x  abababa udp-port 1431 MAC-Notification
  With no success, so we opened a TAC case, 614376387 and we were told by TAC and the Development Engineers that this "feature" does not work in LMS 3.2 and Campus Manager 5.2.1 and that this feature will be available in the next new release.
  I thought I had read on this forum that some folks have this 'feature' working, where this field shows the current status of 802.1x per access port.
  Has anyone been able to get this 'feature' to work?  And if so, what versions are you running and what were the 'tricks' to get it working?
  Much appreciated.

  The MAC address notification traps only alert Campus to the fact that a MAC address has been learned or removed from a given port.  That starts the dynamic UT process.  With no other information, you will potentially see a new record appear in UT shortly after receiving the trap.  However, that record will not have IP or username data associated with it.
  To get the IP data, Campus will poll the CISCO-DHCP-SNOOPING-MIB to pull IP data.  To get username data, Campus will poll the IEEE8021-PAE-MIB of the switch to get dot1x information.  So, your switch must be configured for dot1x, and it must support this MIB (in particular, the objects dot1xAuthSessionTime, dot1xAuthSessionUserName, and dot1xPaePortCapabilities).
  Without dot1x, hope is not lost.  If the end host is running Windows and the UTLite tool, then when the user logs in, UTLite should start from their logon script, and send a UDP update to Campus with the username and IP of the host.

• User tracking not finding any hosts in Ciscoworks LMS 3.1

  L.S.
  Our test-configuration is as follows:
  Application versions:
  Ciscoworks LMS 3.1
  Ciscoworks Common Services 3.2.0
  Campus Manager 5.1.4
  We have 31 managed devices in Campus Manager (data has been collected on all),
  Edit: All of them show up green in the topology window.
  The device are: 2 6509 cores (running IOS s72033_rp-IPSERVICESK9_WAN-M version 12.2(18)SXF8), 1 ASA firewall (running ASA-OS version 8.0.5) and 29 switches (2960 and 3560 models both running ios version 12.2(52)SE). The switches are connected as follows:
  User tracking jobs are running normally, but aren't finding any end-hosts or IP phones at all (I suspect around 250-500 hosts+ on these switches)
  We are running SNMP v3 on the switches and have added the following configuration items to all the switches:
  snmp-server group readonly v3 auth context vlan-1
  <repeat for all present snmp-contexts as shown in show snmp context output>
  snmp-server group readonly v3 auth context vlan-83
  Debugging is enabled in CM->Admin->Debugging Options->User Tracking Server
  This is the UT.log file of the last major acquisition:
  messages will remian logged to file: D:\PROGRA~1\CSCOpx\log\ut.log
  2010/01/13 14:00:01 main MESSAGE ProcessInitializer: Properties will be read from D:\PROGRA~1\CSCOpx\campus\etc\cwsi\ut.properties
  I= 0value *.*.*.*
  I= 1value 6
  I= 2value 1
  2010/01/13 14:00:01 main MESSAGE DBConnection: Created new Database connection [hashCode = 10969598]
  PartialOrderNode tree dump: time base = VMPSMajor
  <root>
      VMPSMajor: <root>
      VMPSMajor:     VMPSMajor.GetXMLData
      VMPSMajor:         VMPSMajor.PingSweep
      VMPSMajor:         VMPSMajor.PopulateFromDCR
      VMPSMajor:             VMPSMajor.GetPortStatus
      VMPSMajor:                 VMPSMajor.GetBridgeTable
      VMPSMajor:             VMPSMajor.Sweep
      VMPSMajor:                 VMPSMajor.GetIpXlateTable
      VMPSMajor:                 VMPSMajor.GetIpv6XlateTable
      VMPSMajor:                     VMPSMajor.GenerateTable6
      VMPSMajor:                         VMPSMajor.GenerateTable
  SMFunction evaluation order: time base = VMPSMajor
    VMPSMajor.GetXMLData  Major
    VMPSMajor.PingSweep  Minor
    VMPSMajor.PopulateFromDCR  Major
    VMPSMajor.GetPortStatus  Minor
    VMPSMajor.Sweep  Major
    VMPSMajor.GetBridgeTable  Minor
    VMPSMajor.GetIpXlateTable  Minor
    VMPSMajor.GetIpv6XlateTable  Minor
    VMPSMajor.GenerateTable6  Major
    VMPSMajor.GenerateTable  Major
  Time base VMPSMajor has 5 major nodes and 3 minor traversals.
  log4j:ERROR No appenders could be found for category (CTM.common).
  log4j:ERROR Please initialize the log4j system properly.
  In classlist loader
  In classlist loader processing sub classes
  updation done
  In classlist loader completed
  2010/01/13 14:00:03 main MESSAGE DBConnection: Created new Database connection [hashCode = 12524859]
  Calling default
  Subnet to SubnetData Map Size :73
  2010/01/13 14:01:31 DBConnecton-Reaper MESSAGE DBConnection: Closed Database connection [hashCode = 12524859]
  2010/01/13 14:01:31 DBConnecton-Reaper MESSAGE DBConnection: Closed Database connection [hashCode = 10969598]
  2010/01/13 14:04:50 main MESSAGE DCRDevWrapper: Closing DCRProxy
  I'm slowly getting to a dead end here. What am I missing?

  Well, our problem was resolved finally through a weird coincendence after having a websession with a Cisco TAC engineer (TAC case SR 613376661)
  We changed the
  snmp-server group readonly v3 auth context vlan-xxxx
  commands in the switches to:
  snmp-server group writeonly v3 auth context vlan-xxxx
  that is: use the writestring in the snmp-server groups instead of the read string.
  After we changed that, all of the User Tracking mysteriously started working.
  As far as I know, the writestring should not be needed, but apparently it is....
  Is there any explanation for this?

• Prime Infrastructure 2.0 and User Tracking

  Hello
  I'm having a look at getting wired User Tracking working on Prime 2.0. I checked that it is supported in the following link:
  http://www.cisco.com/en/US/prod/collateral/netmgtsw/ps6504/ps6528/ps12239/guide_c07-729089.html                  
  I'm having a problem getting dynamic user tracking working for wired non-802.1x clients. The switches are configured for mac-notification traps and the config works fine for LMS.
  Another LMS User Tracking feature I'd link to get working in Prime 2.0 is CUCM intergartion where Prime would pull IP Phone extensions/names etc from CUCM.
  Are either of these User Tracking features supported in Prime 2.0 (or at least roadmapped) or should I stick with LMS 4?
  Thanks
  Andy

  I am gettng good non-802.1x wired user tracking info. see the screenshot below (click to expand).
  I don't have a CM so I can't comment on that bit.
  Row 1 in the screenshot, for example, is confirmed with the following CLI output:
  User_Access#sh run int fa1/0/41
  Building configuration...
  Current configuration : 177 bytes
  interface FastEthernet1/0/41
  description user access
  switchport access vlan 10
  switchport mode access
  snmp trap mac-notification change added
  spanning-tree portfast
  end
  User_Access#sh mac address-table | i 1/0/41
    10    000f.b58e.3732    DYNAMIC     Fa1/0/41
  User_Access#sh inv
  NAME: "1", DESCR: "WS-C3750-48P"
  PID: WS-C3750-48PS-S   , VID: V10  , SN: FDO1425X2M9
  User_Access#sh ver | i bin
  System image file is "flash:/c3750-ipservicesk9-mz.122-55.SE5.bin"
  User_Access#

• LMS 4.0.1 user tracking issue

  Hi All,
  I have an interesting problem at one of my customers. They are using LMS 4.0.1, but they have a problem with user tracking with SNMPv3. They using a very simple SNMP configuration, wich is the following:
  access-list 80 permit x.x.x.x
  snmp-server group SNMPV3GROUP v3 priv write SNMPV3_VIEW access 80
  snmp-server view SNMPV3_VIEW iso included
  snmp-server view SNMPV3_VIEW mib-2 included
  snmp-server view SNMPV3_VIEW cisco included
  User name: SNMPV3USER
  Engine ID: 8000000903000014F2C38169
  storage-type: nonvolatile        active access-list: 80
  Authentication Protocol: SHA
  Privacy Protocol: AES128
  Group-name: SNMPV3GROUP
  snmp-server group SNMPV3GROUP v3 context vlan-X
  Now they have UT working well for their Ctalyst 4500 switches, and the half of the 6500s (They have 2950 switches as well, but for those UT with SNMPv3 is unsupported). So the problem is the following: they have 12 6500 switches, with the same IOS version (10 pieces of WS-C6506-E + SUP720-3B IOS: 12.2(18)SXF17 (IP Services), 2 pieces of WS-C6506 + SUP720-BASE IOS: 12.2(18)SXF17 (IP Services)). They have identical SNMP configuration on both devices. Based on the logs from LMS it seems that on the problematic switches for some reason LMS identifies the switchports as routed:
  ==============Checking for Device==============
  10.255.255.11 : INFO : The switch has been discovered by ANI Server.
  IP : 10.255.255.11
  Details :Cisco Internetwork Operating System Software
  IOS (tm) s72033_rp Software (s72033_rp-IPSERVICESK9-M), Version 12.2(18)SXF17, RELEASE SOFTWARE (fc1)
  Technical Support: http://www.cisco.com/techsupport
  Copyright (c) 1986-2009 by cisco Systems, Inc.
  Comp
  ==============Checking for port Gi1/1==============
  Gi1/1 : ERROR : ANI Server has discovered this port as a Routed port. Please run the UTDebug command only on ports connected to end hosts.
  The config in the device as follows:
  interface GigabitEthernet1/1
  switchport
  switchport access vlan 162
  switchport mode access
  no ip address
  no snmp trap link-status
  spanning-tree portfast
  end
  TOL_6506E_GT_COR_SW1#sh mac- | i Gi1/1
  *  162  0050.5648.a765   dynamic  Yes          0   Gi1/1
  TOL_6506E_GT_COR_SW1#sh ip arp vrf ebh | i 0050.5648.a765
  Internet  10.222.224.129        122   0050.5648.a765  ARPA   Vlan162
  TOL_6506E_GT_COR_SW1#
  I didn't find any relevant bugs. Has anyone have any idea?
  Thanks in advance,
  Imre

  I'm not sure why Campus looks at that port as a routed port, but I ignore the errors in the campus ANI logs as there are too many of them even when everything works.
  I always forget the OID (google knows it), but you best try to do an SNMP walk of the mac address table on the LMS server for a vlan you are interested in. Just to see if it can get it
  In CSCOpx\bin you find a snmpwalk.exe
  I'm not immediately sure why LMS would not be able to get that info via SNMP but it does narrow down on the root cause of your problem
  Cheers,
  Michel

• User tracking ip/host resolution how it works

  I know usertacking using layer 3 devices to resolve host name/ ip address. on my case devices are behind the firewall and the devices not on my router arp table . the arp table is on firewall show the mac. however interestingly usertracking still resolve the name.the firewall is not even a cisco brand. that is very new to me and I im thinking may be i am not fully understand user tracking. can some one explain to me. thanks in advance

  I've been meaning to write up a doc on how UT works.  In the meantime, for layer 3 resolution, UT does a few things.  Historically, it has always tried to acquire ARP entries from layer 3 devices in the network during its acquisition cycles.  A layer 3 device need not be a router.  It can be a 3560 switch, for example.  Firewalls (even Cisco firewalls) are not supported for this.  Using this layer 3 info, UT will perform a reverse lookup to get a hostname for the end host.
  The next thing UT does to get layer 3 information is to listen for UTLite updates from Windows hosts.  These updates will contain the MAC address of the client, the username logged into the client, and the IP address of the client.  UT will not do a lookup of this information to get a hostname, however.
  Finally, UT can query switches for DHCP snooping details to find an IP address.  This is dependent on dynamic UT being enabled, and that the end host triggered a MAC notification trap to be sent.  Of course, the switch to which the user connects must have DHCP snooping enabled.  Again, UT will not perform a hostname lookup on this IP.
  My guess based on what you describe is that you have some layer 3 devices in your network like 6500s, 3560s, 4500s, etc. that have some ARP entries populate, and UT is using these to get IPs.  That assumes you're seeing hostnames.  If you are only seeing IPs, then you could be using UTLite or dynamic UT with DHCP snooping.