Cisco DCNM implements user-based access to allow you to control who can access a Cisco DCNM server by using the Cisco DCNM client. User access is secured by a password. Cisco DCNM supports strong passwords. You can use local authentication as the primary authentication mode. If you specify RADIUS or TACACS+ as the primary authentication mode, the Cisco DCNM server always falls back to local authentication if no authentication server for the current authentication mode is reachable.
RADIUS and TACACS+ Authentication
You can configure Cisco DCNM to authenticate users with either the RADIUS or TACACS+ AAA protocol. Cisco DCNM supports primary, secondary, and tertiary authentication servers for RADIUS and TACACS+. Only a primary server is required. For each authentication server, you can specify the port number that the server listens to for authentication requests.
User Role Assignment by RADIUS and TACACS+
Cisco DCNM supports the assignment of a user role by the RADIUS or TACACS+ server that grants a user access to the Cisco DCNM client. The user role assigned to a user is in effect for the current session in the Cisco DCNM client only.
To assign a Cisco DCNM user role by RADIUS, configure the RADIUS server to return the RADIUS vendor-specific attribute 26/9/1, which is the Cisco-AV-Pair attribute. To assign a Cisco DCNM user role by TACACS+, the TACACS+ server must return a cisco-av-pair attribute-value pair. If an authentication response does not assign the user role, Cisco DCNM assigns the User role.
Change Admin Password
Follow the steps to change admin password.
1. SSH to the DCNM server
2. cd to /usr/local/cisco/dcm/fm/bin
3. "./addUser.sh --help" to see the syntax of the command.
The syntax for the addUser.sh script is "./addUser.sh <username> <password> <dbpassword>". The adduser script can be used to add new user accounts or to change the password of existing user accounts.
4. To change the admin password, the command would look something like this,
"./addUser.sh admin <new password> <dbpassword>"
If you have forgetten the database password, then you can find it in the file, /usr/local/cisco/dcm/jboss-as.7.2.0-Final/standalone/conf/postgres.cfg.xml. Use the command "cat /usr/local/cisco/dcm/jboss-as.7.2.0-Final/standalone/conf/postgres.cfg.xml" to print the contents of the file to the screen.
Hi there.In order to do a health check of ACI's nodes, I was trying to get the global temperature from each node by API REST.The output is similar to the 'show temperature' command:C220-FCH1807V02V /sensor # show temperature
Name Sensor Reading Units...
I have a Nexus Dashboard cluster and when I tried to add ACI/APIC as site using the admin account, it just tells me login failure as below...I can use the same admin account to login from browser and also from postman...Any further log/debug I can use to ...
HiWe have a pair of 5K's in a vpc domain and I am wondering if I want to configure BGP do whats the best way to achieve this i cant find any decent explanation, I want to peer with NSX devices and Nexus devices but need some basic info, also If...