Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1312
Views
0
Helpful
3
Replies

Migrating ACS 3.1.1 to ACS 5.1

hogoqo
Level 1
Level 1

‎01-05-2011 06:56 PM - edited ‎03-10-2019 05:41 PM

I am migrating from ACS 3.1.1, which is not supported by the Migration Utility. So i am planning on importing the users and groups manually using the CSV files. I have generated a dump of the database using the csutil. My question is, How can i import the existing user passwords? I know when using the Migration Utility it migrates the internal user passwords as well. Anyone with an idea?

Labels:
0 Helpful
3 Replies 3

Federico Ziliotto
Cisco Employee
Cisco Employee

‎01-06-2011 01:37 AM

Hello,

Maybe the easiest/safest way would be to go through a TAC case to request assistance on upgrading your ACS 3.1.1 up until ACS 4.2, which is then supported by the migration utility:

http://tools.cisco.com/ServiceRequestTool/create/launch.do

Alternatively, if you are able to put all your users info in a CSV file, you could follow the instructions to import users in ACS 5 through CSV files:

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.1/user/guide/net_resources.html#wpxref47311

For information on how to create the import files:

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.1/sdk/cli_imp_exp.html#wp1055255

Regards,

Fede

--

If  this helps you and/or answers your question please mark the question as  "answered" and/or rate it, so other users can easily find it.

0 Helpful

hogoqo
Level 1
Level 1
In response to Federico Ziliotto

‎01-06-2011 11:49 AM

I have used teh CSV templates already and migrated the users. I need to maintain their passwords though. I need the migration to be seemless to teh end user. Any way of decoding the passwords from the dump file and manually input them on the CSV file for import.

0 Helpful

Federico Ziliotto
Cisco Employee
Cisco Employee
In response to hogoqo

‎01-06-2011 12:13 PM

Hello,

For security reasons, ACS 4.x has been designed to encrypt users passwords and there are currently no options to disable such an encryption.
The users list CSV dump obtained through the CSUtil command was implemented with the goal of generating a backup of the ACS users, but not to allow passwords to be read or modified for example.

At this stage, in case you could not change passwords for your users, it might be easier to proceed with the ACS 3.1.1 database upgrade to 4.2 (this can be done for example on a separate server) and then with the migration to ACS 5 through the corresponding utility:

1. Install another ACS 3.1.1 on a separate secondary Windows server.

2. On this secondary ACS, restore a database backup from your original ACS 3.1.1.

3. Upgrade the secondary ACS 3.1.1 all the way to 4.2 (you'd need to open a TAC case to obtain all the needed software releases).

4. Use the migration utility of ACS 5 to migrate the database from the secondary ACS, now upgraded to 4.2 and compatible with the migration utility.

Regards,

Fede

--
If  this helps you and/or answers your question please mark the question as  "answered" and/or rate it, so other users can easily find it.

0 Helpful
Customers Also Viewed These Support Documents