02-22-2005 09:17 AM
Cisco Works 3.5, RME, check device attributes function fails on tacacs username and password with "incorrect" when in fact the tacacs username and password are correct!! You can use them to telnet to the same device that cda just failed on. Using Cisco ACS 3.1 and have sniffer traces of failure but still cannot figure out why.
02-22-2005 10:41 AM
RME have several bugs on Check Device Attribute feature. The best way to do an Export to File and then see if the credentials show as correct or else
02-22-2005 11:09 AM
I have already done the export and the tacacs username and password matches fine. I think it has something to do with the script that RME executes to do a telnet to a device when you do a check device attribute. The trace seems to indicate that there is some miscommunication between the values that the cw2000 server is sending to the router and thus get sent to the tacacs server. Do you know the perl script file name that the RME would use to execute a Check Device Attribute function. Maybe there is some timer in the there or extraneous value that cw2000 is sending to the tacacs server??
Thanks,
Tony
02-22-2005 11:39 AM
What do your CSACS logs show? Check the Failed Attempts and/or Passed Authentications. Perhaps there are access limitations on the CW2K CSACS user account?
HTH
Steve
02-22-2005 11:52 PM
I've seen that behaviour. It sometimes helps to enter tacacs username/password also in the fields for local user/pw. It is stupid that the CDA then shows these values as correct, but at least it works.
02-23-2005 05:43 AM
Thanks Georg. I will try that. Also, having another issue with a process called "sm_server" which apparently is part of Device Fault Manager. For reasons unknown that process will spike the processor to 100% for hours on end bringing the system to a crawl. Have you ever seen this before?? If not, no need to respond.
Again thanks,
Tony
04-07-2005 09:07 AM
another problem might be the login-prompt. older ios sometime prompt with username : and password : instead of username: and password: (watch the spaces)..
in lms < 2.5 you can troubleshoot this with adjusting [$nmsroot]/objects/cmf/data/TacacsPrompts.ini , but with LMS 2.5 this doesn't work anymore. If anyone knows the new workaround, please let me know....
04-07-2005 01:51 PM
I had the same problem. I corrected it by doing a check device attributes on the nodes with DA errors.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide