01-23-2011 09:51 AM - edited 03-10-2019 05:44 PM
HI,
is there any way to change the shared secret key for all devices in bulk instead of going to each clients and changing key in ACS 4.2.1 ?
Please let me know if is there any way to perform it faster.
Thanks
Solved! Go to Solution.
01-23-2011 02:22 PM
Hi Nitin,
Well, if you have all the devices in a single NDG then just click on that NDG >> at the bottom click edit properties >> enter the new shared secret key there and it will take precedence from there on. Even though if you click on any AAA client inside that NDG, it will show the OLD shared secret key but due to the presence of this feature where NDG key will always override the AAA client, this will surely work for you.
If you're not convinced with the above suggestion and really want to change the shared secret key then let me know;
Are you using ACS SE or ACS windows. I'm assuming that you have ACS SE
Here you need a CSV file with the action code to certain NAS and you should be able to synch the CSV file with RDBMS to the database using
4.2 version
Code 224 - UPDATE_NAS
VN = AAA client Name
V1 = IP-Address
V2 = shared secret key
V3 = vendor
RDBMS Synchronization Import Definitions
http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.2/user/guide/A_RDBMS.html#wp148322
Action Codes for Modifying Network Configuration
http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.2/user/guide/A_RDBMS.html#wp78096
HTH
Jatin
Do rate helpful posts~
01-23-2011 02:22 PM
Hi Nitin,
Well, if you have all the devices in a single NDG then just click on that NDG >> at the bottom click edit properties >> enter the new shared secret key there and it will take precedence from there on. Even though if you click on any AAA client inside that NDG, it will show the OLD shared secret key but due to the presence of this feature where NDG key will always override the AAA client, this will surely work for you.
If you're not convinced with the above suggestion and really want to change the shared secret key then let me know;
Are you using ACS SE or ACS windows. I'm assuming that you have ACS SE
Here you need a CSV file with the action code to certain NAS and you should be able to synch the CSV file with RDBMS to the database using
4.2 version
Code 224 - UPDATE_NAS
VN = AAA client Name
V1 = IP-Address
V2 = shared secret key
V3 = vendor
RDBMS Synchronization Import Definitions
http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.2/user/guide/A_RDBMS.html#wp148322
Action Codes for Modifying Network Configuration
http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.2/user/guide/A_RDBMS.html#wp78096
HTH
Jatin
Do rate helpful posts~
01-26-2011 07:22 AM
Hi thanks so much for your reply. Yes I have ACS SE. Yeah I know we can change shared key on group which will overwrite AAA client key but problem is that customer has not created any NDG so all the devices are in default group which is not assigned.... and I can not set any thing on this group...so I will have to move all the device in new group...or I will have to export these devices some how & then edit the exported data and change the key in that then import abck in ACS SE.....
As you suggested that I can import data from CSV and can sync with RDBMS....can I export as well from ACS SE...if this is possible then I will export data in CSV will edit and then import back it with changes....
Thanks once again for your help....
01-26-2011 07:39 AM
Yes, you can also export them from the ACS SE.You can get the aaa clients/devices information in excel sheet from below mentioned steps:
Go to Network Configuration > Search > Keeps the search setting to default i.e. to search all. Then press search. There will be a "Download" option that will appear in the left corner of the search result. Click on it save that list.
This list will contain,
- Name
- IP Address
- Type
- NDG name (if any)
I doubt that this contains the shared secret key for AAA clients.
Rgds,
Jatin
Do rate helpful posts-
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide