cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
10131
Views
20
Helpful
22
Replies

ACS 5.2 Migration utility fails on ACS 4.x Server ID

johnroman
Level 1
Level 1

I am working through the migration from ACS 4.1.4 on Windows Server 2003 to ACS 5.2 on the appliance.  I have created the 4.1.4 migration server, installed the software and imported the data from our production ACS 4.1.4 box.  I downloaded the migration utility from the 5.2 ACS server and am attempting to run on the 4.1.4 migration server.  The question that fails is:

Enter ACS 4.x Server ID:

I do not know what this means and do not see anything on the 4.1.4 server that identifies the Server ID.  I try localhost and it does not work and the 4.1.4 server is not registered in DNS or I would try that  (and . are not valid characters in the ID so the IP does not work).

How have other people handled this question?  Is there something that can identify the local server ID?

22 Replies 22

Tiago Antunes
Cisco Employee
Cisco Employee

Hi,

The ACS server id is the hostname of the machine where ACS is running.

It does not need to be necessarily registered on the DNS. Please note that the server id is only to identify the migation data, it is not used for any DNS resolution.

If you go to System Configuration -> Service Control, you will see a header saying " CiscoSecure ACS on 'server_id' ".

Also, please make sure that you are not accessing the migration machine via RDP, as it will not work.

HTH,

Tiago

--

If  this helps you and/or answers your question please mark the question as  "answered" and/or rate it, so other users can easily find it.

Tiago,

 

Thanks, I am migrating to a ACS 5.5 server and cisco documentation is not the clearest and it took me awhile and a lot of prayer to get to this point. I had the right ACS 4.x server id, but I was accessing via RDP. Much appreciated even after your post 3 years ago.

Robert

Hi robert,

We will be planning the migration from 4.2 to 5.5 tomorrow, have gone through all the documents by cisco. Still have some queries like will I be able to change the ip adds of the new 5.5 ACS, how does the data import will happen in 5.5 with migration utility. Lots of confusion ...if u can help me it will be great.

Regards,

Arun

 

You mean the IP address of ACS gigabit interface? If that's what you meant than yes you can change the ip address. You're only migrating the application database from ACS 4.x to ACS 5.5 that includes the items listed in the below table.

ACS Elements that Migration Process Supports 

 
ACS 4.x Element
 
ACS 5.5 Element
 

AAA Client/Network Device

 

Network Device. See AAA Client/Network Device for more information.

 

Internal User

 

Internal User. See Internal User for more information.

 

User Defined Fields (within Interface Configuration section)

 

Identity Attributes/Internal User. See User Group for more information.

 

User Group

 

Identity Group. See User Group for more information.

 

Shared Shell Command Authorization Sets

 

Command Set. See Shared Shell Command Authorization Sets for more information.

 

User T+ Shell Exec Attributes

 

Identity Attributes/Internal User. See User Group for more information.

 

Group T+ Shell Exec Attributes

 

Shell Profile. See User Group Policy Components for more information.

 

User T+ Command Authorization Sets

 

Command Set. See User Group for more information.

 

MAC Authentication Bypass (MAB) Addressed

 

Internal Host Database. See MAC Addresses and Internal Hosts for more information.

 

Shared Downloadable Access Control List (DACL)

 

Downloadable ACL. See Shared DACL Objects for more information.

 

EAP-FAST Master keys

 

EAP-FAST Master keys. See EAP-Fast Master Keys and the Authority ID for more information.

 

Shared RADIUS Authorization Components

 

Authorization Profiles. See Shared RACs for more information.

 

Customer Vendor-Specific Attributes

 

Customer VSAs. See Customer VSAs for more information.

 

Max User Sessions

 

Maximum User Sessions. See Max User Sessions for more information.

 

Regards,

Jatin Katyal

*Do rate helpful posts*

~Jatin

Hi Jatin,

I have planned activity as follows,

Step 1 Install ACS 5.5 on SNS 3415-K9 ( Ignore if it is pre-installed)------download the migration utility from the same ACS 5.5 web interface  or from the DVD provided .

 

 

  1. To access the Migration Utility, download it from the ACS 5.5 web interface. To download migration application files:

Step 1 Choose System Administration > Downloads > Migration Utility.

The Migration from 4.x page appears.

Step 2 Click Migration application files to download migration.zip, which contains the application files you use to run the Migration Utility.

 

  1. Utility can be copied from the DVD migration.zip to migration machine

 

  1. Enable migration interface on target machine i.e. SNS3415-k9

 

acs config-web-interface migration enable

 

 

Step 2 Install Cisco Secure Access Control Server (4.2.1 with latest patches) for Windows on the migration machine.

 

 

Step 3 Back up the ACS 4.2 data on old ACS 4.2.1.-(Same latest patches should be in old ACS4.2.1)

 

 

Step 4 Restore the data in the migration machine.

 

Note that the backed up data needs to accessible from migration machine. Either data can be copied to migration machine or the migration machine needs to be connected in the same network.

 

 

Step 5 Run the Analysis and Export phase of the Migration utility on the migration machine.-------While executing the same all the ACS machines needs to be in reachable to each other.

 

Running the Migration Utility

Step 1 Open a command prompt and change directory to C:\Migration Utility\migration\bin.

You can specify any directory in which to install the Migration Utility. This example uses the Migration Utility as the root directory.

Step 2 At the command prompt, type migration.bat. To run the Migration Utility:

 

While running the migration tool ensure that all the required details are entered correctly.

Utility can be run multiple times and results can be verified.

 

Step 6 Import the data from the migration machine to the SNS 3415-K9 that has ACS 5.5 installed

Now my queries 1) I will be connecting all the machines in n/w -so IP has to be in same network, so i will not be able to use the old 4.2 ACS's IP If the same has to be used how the same can be achieved.

2) how exactly the migration utility works as there are no snapshots in document it only talks abt what it will analyse and what will be migrated, my worry is how do i import that validation passed or analysed data to 5.5.

3) While running setup on 3415 appliance what are mandatory fields and what are not.

Hello, according to my experience you can write there anything - it will only created subfolder with similar name under migration tool folder.

johnroman
Level 1
Level 1

Tiago got it right:

Also, please make sure that you are not accessing the migration machine via  RDP, as it will not work.

The process works when using VNC but not with RDP to this virtual server. I think that is stated somewhere in the documentation, but I could not believe RDP would not work. 

Thanks for the responses.

Hi,

Good!!

Here is the doc:

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.2/migration/guide/Migration_support.html#wp1021993.

HTH,
Tiago

--

If  this helps you and/or answers your question please mark the question as  "answered" and/or rate it, so other users can easily find it.

Hi,

I'm doing this process, but with a migration machine on vmware with S.O. W2K8 Stantard SP1. When I enter the option 1 (Analyze and Export), this is the result: "Fatal Error !! - cannot connect to ACS 4.x DB !!"

I have tried running the bat file as:

- Administrator

- Compatibility mode W2K3 SP1

- Compatibility mode Win XP SP2

None of the combinations of the options had worked. Any ideas?

Thank you in advance,

Hello, I have very good experience with combination: VirtualBox + Windows Server 2000. It is very simple environment with minimal things which can fail and working like charm.

I found this in the log: Could it be a java issue?

5-10-2011 02:27:52 ACS4Connector.checkDBConnectivity(ACS4Connector.java:137)FATAL -  Fatal Error !! - cannot connect to ACS 4.x DB !!

java.sql.SQLException: [Sybase][ODBC Driver][Adaptive Server Anywhere]Database server not found

at ianywhere.ml.jdbcodbc.IDriver.makeODBCConnection(Native Method)

at ianywhere.ml.jdbcodbc.IDriver.connect(IDriver.java:354)

at java.sql.DriverManager.getConnection(Unknown Source)

at java.sql.DriverManager.getConnection(Unknown Source)

at com.cisco.nm.acs.mgmt.migration.ACS4Connector.getConnecter(ACS4Connector.java:66)

at com.cisco.nm.acs.mgmt.migration.ACS4Connector.checkDBConnectivity(ACS4Connector.java:133)

at com.cisco.nm.acs.mgmt.migration.MigrationApplicationCLI.runExport(MigrationApplicationCLI.java:605)

at com.cisco.nm.acs.mgmt.migration.MigrationApplicationCLI.main(MigrationApplicationCLI.java:266)

Michal thank you for your comment, I tried with Win2K but I had too much trouble dealing with IE6, so I decided to try with a Win2K3 and it finally worked. The exact information of the VM is:

  • Vmware Fusion 3.1.2
  • Virtual machine with 1GB RAM and 8 GB HDD
  • Windows 2003 Enterprise Edition Service Pack 2 unpatched
  • ACS 4.2.0 124 Patch 11
  • Java JRE build 1.5.0_22-b03. As far as I checked, the migration tool uses its own java with version 1.5.

The S.O a.nd java versions tested that didn't work were the following :

  • Windows 2008 Standard Edition
  • Java 1.4
  • Java 1.5
  • Java 1.6

I established a VPN to the internal network of the customer from the VM, where the new and old server reside, and there were no issues.

you can get the answer on this URL,

http://blogg.kvistofta.nu/acs-4-1-5-1-migration-tool/

Hi,

 

I face one issues on this as well. During run the migration.bat. it keep show this error.

 

I am currently running on:

ACS version 4.1.1.24, window 2003 standard and jre 1.5.0.

Do you have any idea on the log error below?

i tried download activation and mail also have the same error.

  • Virtual machine with 1GB RAM and 8 GB HDD
  • Windows 2003 Enterprise Edition Service Pack 2 unpatched
  • ACS 4.2.0 124 Patch 11
  • Java JRE build 1.5.0_22-b03. As far as I checked, the migration tool uses its own java with version 1.5.
  • - See more at: https://supportforums.cisco.com/discussion/11074101/acs-52-migration-utility-fails-acs-4x-server-id#sthash.BmC7xlSp.dpuf

 

05-15-2015 10:06:23 JavaUtils.isAttachmentSupported(JavaUtils.java:1308) WARN - Unable to find required classes (javax.activation.DataHandler and javax.mail.internet.MimeMultipart). Attachment support is disabled.
05-15-2015 10:08:50 JavaUtils.isAttachmentSupported(JavaUtils.java:1308) WARN - Unable to find required classes (javax.activation.DataHandler and javax.mail.internet.MimeMultipart). Attachment support is disabled.
05-15-2015 10:40:27 JavaUtils.isAttachmentSupported(JavaUtils.java:1308) WARN - Unable to find required classes (javax.activation.DataHandler and javax.mail.internet.MimeMultipart). Attachment support is disabled.

 

 

Regards,

Johnson

 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: