cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Announcements
Choose one of the topics below to view our ISE Resources to help you on your journey with ISE

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

928
Views
0
Helpful
3
Replies
Highlighted
Beginner

The problem with importing Internal Users on Cisco ACS

Hi,

I have a problem. Missing passwords or hash when I export the Internal User into CSV. In Template of CSV is columb "password:String(32):Required". But this columbs are empty in export file. Import CSV fails. The problem is missing "password:String" in import file.

 

 

HEADER (Template):

name:String(64):Required,description:String(1024),"dateExceedsEnabled:Boolean(true,false):Required",dateExceeds:Date(yyyy-Mmm-dd),"passwordNeverExpires:Boolean(true,false):Required","enabled:Boolean(true,false):Required","changePassword:Boolean(true,false):Required",password:String(32):Required,enablePassword:String(32),passwordType:String(256):Required,UserIdentityGroup:String(256)
 

USER LINE:

krejci,"Vaclav Krejci, Techsupport",false,,false,true,false,,,Internal Users,All Groups:CDT-users:CDT-technical

 

FOCUS:

--- false,********,,Internal Users ---

******** here is missing String "password:String(32):Required".

 

Any idea? How to export user and password?

 

Thanks for your help.

Everyone's tags (4)
3 REPLIES 3
Highlighted
Beginner

I attach log. It is during

I attach log. It is during import:

 

2015-05-19 19:50:56: Record number: 1, Internal User krejci: Import Failed
Missing mandatory attribute in record number 5, field number 8
-------- Summary --------
Total Number of Records Processed:212
Number of Records Failed:212
Number of Records Imported:0
---------- End ----------
 

Highlighted
Beginner

Hi there, just wondering if

Hi there, just wondering if you ever found a resolution to this problem?

Highlighted
Beginner

I had several problems. First

I had several problems.
 
First:
In users descriptions was incorrect characters. There can not be characters like punctuation (ěščřžýáíé), comma (because it is a separator in CSV export), exclamation mark, etc.
 
example:
Users and Identitty Stores -> Users -> Description
we use: name/company/contact/additional information
wrong is: Karel Novák, Company, tel.: 123 456 789, !!! Do not deactivate !!!
must be: Karel Novak / Company / 123 456 789 / Do not deactivate
 
The same problem is in the description of Identity Groups.
 
Second:
In version 5.2 was weak password policy. In version 5.6 is stronger password policy. Users who did not have adequate password, he can not be activated.
 
System administration -> Users -> Authentication Settings -> Password Complexity
we use: 6 characters minimum length and no additional requirements (password 123456 is OK)
new version have default: 8 characters minimum length
 
Solution
I corrected manually all descriptions (users, group, ACL etc.)
A user with poor password is disable. I must change user password when he calls me.
 
 
I have problem witch HA mode. That is problem in error: Registration failed due to invalid Certificate. I must disable "Enable Nodes Trust Communication" in System Administration >  Configuration >  Global System Options >  Trust Communication Settings