Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1401
Views
5
Helpful
3
Replies

Cisco prime 3.4.0 Device management

Go to solution
ciscosupport111
Level 1
Level 1

‎01-08-2020 04:35 AM

I use ISE 2.4.0 Tacacs+ service for authentication  of Prime 3.4.0 users.

We also use same  ISE 2.4.0 TACACS+ service for network device management.

 

Initially when I added network devices in Prime  inventory I've used  my tacacs+ credentials.

After That whenever different user is making configuration changes from prime it uses my credentials.

How To make prime to authenticate with tacacs+ on network device with specific administrator credentials. 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
marce1000
VIP
VIP
In response to ciscosupport111

‎01-08-2020 10:48 PM

 

>We have ISE integrated in prime, is it possible to force prime to renew(update) credentials every time when user decides to manage device

 No that is not possible because the device access-credentials are considered to be  a part of the access-configuration for Prime when it manages devices. Note for instance that Prime , does many independent background tasks too  using the configured access-credentials for each device that it manages. In that context it could be advisable to have  a separate  management account on the network for accessing the switches from Prime.

 

M.



-- ' 'Good body every evening' ' this sentence was once spotted on a logo at the entrance of a Weight Watchers Club !

View solution in original post

3 Replies 3

Go to solution
marce1000
VIP
VIP

‎01-08-2020 08:09 AM

 

 - You might be confused on the access parameters  used when logging into Prime, versus those used when adding a switch. Prime will always use the latter for further managerial tasks to be executed on the switch(es)

 M.



-- ' 'Good body every evening' ' this sentence was once spotted on a logo at the entrance of a Weight Watchers Club !
0 Helpful

Go to solution
ciscosupport111
Level 1
Level 1
In response to marce1000

‎01-08-2020 10:11 PM

Hi,

Thanks for quick reply,

Please explain how to solve following task:

If we have in IT department two or more network engineers, and one of them added network devices in prime with his own tacacs+ credentials.

Then other network engineer decides to manage this device from prime, he logs in prime with his own credentials, and manages device with credentials that is not his. Finally all other network engineers would manage device from prime with only one user that is who added device initially.

We need to differentiate changes that is done by different users(network engineers). 

 

We have ISE integrated in prime, is it possible to force prime to renew(update) credentials every time when user decides to manage device.

0 Helpful

Go to solution
marce1000
VIP
VIP
In response to ciscosupport111

‎01-08-2020 10:48 PM

 

>We have ISE integrated in prime, is it possible to force prime to renew(update) credentials every time when user decides to manage device

 No that is not possible because the device access-credentials are considered to be  a part of the access-configuration for Prime when it manages devices. Note for instance that Prime , does many independent background tasks too  using the configured access-credentials for each device that it manages. In that context it could be advisable to have  a separate  management account on the network for accessing the switches from Prime.

 

M.



-- ' 'Good body every evening' ' this sentence was once spotted on a logo at the entrance of a Weight Watchers Club !
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents