https://community.cisco.com/t5/network-access-control/acs-4-2-replication-help/m-p/1618741#M266389 <P>Hi All ,</P><P>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; I am new to wireless LAN authencation , I have about 1000 Wireless access point &amp; 15,000 users in my enterprise network , we have 3 acs server version 3.3 ( primary ,secondary , incountry ) , Now we are upgrading this acs server 3.3 to acs 4.2 version . Primary server 4.2 is ready with all aaa clients defined ,</P><P>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; I need to replicate all database from primary server to secondary server and to incountry server . wht all things to be predefined before performing replication .</P><P></P><P>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; similarly my end user accounts NAS&nbsp; has been defined separately to an windows database , whether i need to defined this windows database to my both primary &amp; secondary sever separatley else my replication will replicate all the things from primary server .</P><P></P><P>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; I have some help documents for enterprise wireless lan authencations , Thank you</P> Mon, 11 Mar 2019 00:47:42 GMT sansarav720e 2019-03-11T00:47:42Z https://community.cisco.com/t5/network-access-control/acs-4-2-replication-help/m-p/1618741#M266389 <P>Hi All ,</P><P>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; I am new to wireless LAN authencation , I have about 1000 Wireless access point &amp; 15,000 users in my enterprise network , we have 3 acs server version 3.3 ( primary ,secondary , incountry ) , Now we are upgrading this acs server 3.3 to acs 4.2 version . Primary server 4.2 is ready with all aaa clients defined ,</P><P>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; I need to replicate all database from primary server to secondary server and to incountry server . wht all things to be predefined before performing replication .</P><P></P><P>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; similarly my end user accounts NAS&nbsp; has been defined separately to an windows database , whether i need to defined this windows database to my both primary &amp; secondary sever separatley else my replication will replicate all the things from primary server .</P><P></P><P>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; I have some help documents for enterprise wireless lan authencations , Thank you</P> Mon, 11 Mar 2019 00:47:42 GMT https://community.cisco.com/t5/network-access-control/acs-4-2-replication-help/m-p/1618741#M266389 sansarav720e 2019-03-11T00:47:42Z https://community.cisco.com/t5/network-access-control/acs-4-2-replication-help/m-p/1618742#M266397 <HTML><HEAD></HEAD><BODY><P><SPAN style="color: #800000;">Well, To start off, I would say that the secondary and incountry server should be on same version that is 4.2 and same patch.</SPAN></P><P><SPAN style="color: #800000;"><BR />The following items cannot be replicated:</SPAN></P><P><SPAN style="color: #800000;"><BR />•IP pool definitions<BR />•ACS certificate and private key files.<BR />•Dynamically-mapped users.<BR />•Settings on the ACS Service Management page in the System Configuration section.<BR />•RDBMS Synchronization settings.</SPAN></P><P><SPAN style="color: #800000;"><BR />Also make sure that we don't have any firewall in between two acs servers.</SPAN></P><P><SPAN style="color: #800000;"><BR />Also, NAS device can never be configured for windows database it will always send the request to tacacs/radius and authentication server will decide wehther it should be authenticated through the internal user database or AD depending upon the user location.</SPAN></P><P><SPAN style="color: #800000;"><BR />However, if you didn't mean that and you wanted to say that half of the devices are configured to ACS for their internal username/password and other half devices confgured for secondary ACS pointed towards AD then in this case replication will always override the known groups.</SPAN></P><P><SPAN style="color: #800000;"><BR />Configurating replication</SPAN></P><P><SPAN style="color: #800000;"><A class="jive-link-external-small" href="http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a0080742f60.shtml">http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a0080742f60.shtml</A></SPAN></P><P></P><P><SPAN style="color: #800000;"><BR />Rgds, Jatin</SPAN></P><P></P><P></P><P></P><P><SPAN style="color: #800000;">Do rate helpful posts~</SPAN></P></BODY></HTML> Fri, 04 Feb 2011 01:10:52 GMT https://community.cisco.com/t5/network-access-control/acs-4-2-replication-help/m-p/1618742#M266397 Jatin Katyal 2011-02-04T01:10:52Z