02-23-2010 08:53 AM - edited 03-10-2019 04:58 PM
I need to import a VSA for a Nortel Oprtera 3500. The manual says to create a accountaction.csv file and import it with RDBMS. The only examples I see for creating an accountaction.csv file is to add user, group and device information. Does anyone have an example, or know the format of the csv file to import VSA's?
Thanks,
Mark
02-24-2010 03:23 AM
Assuming I wanted to add a string type VSA called MYCO-VSA-1 with VSA id 1 for MYCO whose IANA assigned vendor Id was 820 I'd do something like this:
SequenceId,Priority,UserName,GroupName,Action,ValueName,Value1,Value2,Value3,DateTime,MessageNo,ComputerNames,AppId,Status
,,,350,MYCO,1,820,,,,,,
,,,352,MYCO-VSA-1,820,1,STRING,,,,
,,,353,,820,1,IN OUT,,,,,
,,,355,,,,,,,
Action 350 creates a new VSA vendor at slot 1 (ACS has 10 slots for user defined vendors)
Action 352 creates a new VSA for a user defined vendor
Action 353 sets the profile type to "in out" ie the attribute may be in inbound and outbound packets. The "out" will allow you to set values in an ACS group config.
Action 355 causes a partial re-start within ACS to load the new config
There are also integer and enumerated VSA types. enumerated is nice because you can list specific allowed values which are displayed in a drop-down by the ACS group/user edit pages.
Once you've done this, goto interface config to enable the new stuff, then it will showup under group/user edit etc.
Full docs online http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.0/user/guide/ag.html#wp89549
Good luck!
www.extraxi.com for all your ACS reporting needs
02-24-2010 07:15 AM
Hello,
i have succesfully imported VSA Settings for the Vendor Huawei on ACS SE 1112 v4.0:
1,0,,,351,,8,,,07/09/2007,,,,0
2,0,,,350,HUAWEI,8,2011,,07/09/2007,,,,0
3,0,,,352,telnet_user_level,2011,29,INTEGER,07/09/2007,,,,0
4,0,,,353,,2011,29,OUT,07/09/2007,,,,0
5,0,,,354,0,2011,29,0,07/09/2007,,,,0
6,0,,,354,1,2011,29,1,07/09/2007,,,,0
7,0,,,354,2,2011,29,2,07/09/2007,,,,0
8,0,,,355,,,,,07/09/2007,,,,0
Now i want to do the same on our new ACS SE 1113 v4.2 (124).
But every time when i start the RDBMS synchronization
nothing happens. RDBMS synchronization is selected in
Interface Configuration/Advanced Options.
Does anybody can help me?
Best regards
Torsten Waibel
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide