06-21-2010 07:20 AM - edited 03-10-2019 05:12 PM
Hi,
how to force a full replication in ACS 4.1 ?
Sometimes, I cannot find some users only in the secondary ACS and the primary ACS doesn't replicate them again (because no changes made on primary ACS).
thank you in advance
rs
06-21-2010 07:17 PM
If few users are not getting mapped then these users might be mapped as dynamically users and later on someone might have done some changes under user profile and it started appearing as static users but in actual acs never changes the flag value of dynamically mapped users.
If they are static users and you didn't change any thing then the only option left to delete and readd the user. It wll work for sure.
ACS replication components.
http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.2/user/guide/SCAdv.html#wp756374
HTH
Jatin
Do rate helpful posts-
06-22-2010 02:39 AM
Hi RS,
It seems you are talking about dynamic users (User that are stored in AD). Dynamic users are not replicated and there is no need to worry about. Backup ACS will show those user once they are authenticated by secondary server.
This is how it works
--> USER1-------> Got authenticated via Primary ACS---> This user will show up in user database and further it will not be replicated to secondary ACS, so --> Secondary ACS will not show USER1 in its database.
Now our primary server goes down.
---> User1 tries to login again ---> Will be authenticated via Secondary ACS---> Now you will see this user in its database.
Hope that helps!
Regards,
~JG
Do rate helpful posts
06-22-2010 02:50 AM
Hi, I agree with you, they would seem dynamic user, imported with unknown ures policy, but they are users with windows password only.
How to see a list of dynamic users only in ACS 4.1 to verify their nature ?
thanks
rs
06-22-2010 04:40 AM
When you click on user setup and then list all user. It will show you all the users ACS has authenticated. Users who are labelled with "dynamic" word are called dynamically mapped from AD.
HTH
Jatin
Do rate helpful users-
06-22-2010 05:48 AM
Ok, I confirm you those users were not dynamically imported, but statically defined.
thank you in advance
greatings
rs
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide