Buy or Renew
Buy or Renew
Cisco DNA Center is now Catalyst Center. New name, same great product. Learn more about Catalyst Center here.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3100
Views
0
Helpful
7
Replies

From DNA change atomoatically local user in switches

Ernesto_ Hernandez
Level 1
Level 1

‎07-05-2021 09:05 AM

 I need to change the local admin psw in several swtiches, how can I do it from DNA automatically?

Labels:
0 Helpful
7 Replies 7

balaji.bandi
Hall of Fame
Hall of Fame

‎07-06-2021 07:29 AM

i would do this out of the box with the script, and use DNAC may not be right i gues here.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Mike.Cifelli
VIP Alumni
VIP Alumni

‎07-06-2021 07:50 AM

Here is a high-level overview of steps taken to modify the global & local DNAC user/pass/enable:

Change global username pass in ise
Change global username/pass in dnac device creds
Assign global dnac creds -- to all inventory (let sync)
Reprov via temp editor -- to change enable pw
*all devices in inventory will show enable error under manageability
After re-prov'ing all devices:: change dnac enable in ise; change enable in dnac network creds
Test resync of all devices -- all devices should now be fully managed in DNAC inventory

 

See attached for more detail.  HTH & good luck!

Preview file
238 KB
0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to Mike.Cifelli

‎07-06-2021 08:30 AM

@Mike.Cifelli  i may be wrong, that is to provisioning the device intially required local password, so though template we can overide local username and passwords ?

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Mike.Cifelli
VIP Alumni
VIP Alumni

‎07-06-2021 08:46 AM

@balaji.bandi Apologies for any confusion.  My overview/example shared was the procedures I have used in the past to update DNAC global creds + local fabric device creds on an existing deployment.

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to Mike.Cifelli

‎07-06-2021 09:48 AM

Fare Enough, trying to understand learn here, if something we missing here.  so using template we can overwride  basic config of the switch.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Mike.Cifelli
VIP Alumni
VIP Alumni

‎07-06-2021 10:14 AM

 so using template we can overwride  basic config of the switch.

-Yes in the scenario shared/mentioned you would be managing already provisioned fabric devices via the global credentials and not local.  Therefore you could use templates to reconfigure local creds via ssh+global creds pending proper config/communication with radius server.  The doc I shared goes through step by step.  Note that the last item changed is the global enable pw since it must first be changed locally on each device.  Changing the global enable out of order will create login/management issues.  HTH!

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to Mike.Cifelli

‎07-06-2021 10:18 AM

Cheers for sharing your thoughts and appricaited for the clarification.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents