Changing local enable passwd with RME 4.x NetConfig?

yjdabear · ‎04-27-2007

I can't quite grasp the idea yet: It looks like LMS 2.6's DCR no longer stores the local enable password (column 10 in the V2.0 export format) for each device. So how could NetConfig of RME 4.x change the local enable password (on CatOS device) without knowing what it is. The lab cat5k I tried to change the local enable passwd manually on asked for the old enablepass.

Joe Clarke · ‎04-27-2007

It can't. This is a long-standing issue. See CSCsb07389. To implement support for this, we are adding the concept of secondary credentials in LMS 3.0.

yjdabear · ‎04-27-2007

Will this concept be implemented for LMS 2.6? It's a big feature lost from LMS 2.2/RME 3.5. While we have redundant TACACS servers, it's nice to have local passwords in case all TACACS servers go kaput or when a device is taken off the network for a short while.

Joe Clarke · ‎04-27-2007

This feature will not be implemented in LMS 2.6. It will be in LMS 3.0 and higher only.

Joe Clarke · ‎05-04-2007

I should add that if you're just interested in changing the password on the device without updating the values in DCR, you can create an Ad Hoc Netconfig job to do the change. Applications like RME won't be aware of that new password, but if the AAA Server goes down, people will be able to login to the device directly using the new values (provided your policy allows for that).