cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3405
Views
0
Helpful
4
Replies

Export raw configuration unsanitized from Configuration Archive (Prime Infrastructure 3.1)

david.fernandes
Level 1
Level 1

In working with Prime Infrastructure 3.1, I found where to export the raw running configuration for a switch but the only option is to download the file sanitized. Is there an option to enable somewhere so that you can choose to export the file unsanitized?

2 Accepted Solutions

Accepted Solutions

Johannes Luther
Level 4
Level 4

I guess you're working with TACACS+ users in CPI, right?

I just found out (this is why I was searching the community), that the unsanitized configuration export is broken with TACACS+ users, even if they have root permission. Just try to login using the local root account.

Alternatively use the "Device Config Backup-External" Infrastructure system job to export all the unsanitized configurations in a ZIP archive.

I didn't found a bug ID to it yet.

View solution in original post

But I'm correcting myself ... I don't think it's a bug :)

I guess this "view unsanitized configuration" is a new permission task in CPI 3.1 patch X

I was installing CPI 3.1 initially without any patches or device packs and exported the TACACS+ task list for root users. As for Patch 3 the exported task list looks different. Now there is an additional task called "taskXX=Unsanitized Device Config Export". In CPI 3.1 without any patches I'm quite sure this task was not in the exported task list.

So do the following: Go to Prime Infrastructure 3.1 and export the TACACS+ attributes for your needed admin roles again and paste them in the according network access profile in ACS. The task "Unsanitized Device Config Export" should be included in this export.

Then logout and login again and the "Unsanitized" export option should be there.

View solution in original post

4 Replies 4

Johannes Luther
Level 4
Level 4

I guess you're working with TACACS+ users in CPI, right?

I just found out (this is why I was searching the community), that the unsanitized configuration export is broken with TACACS+ users, even if they have root permission. Just try to login using the local root account.

Alternatively use the "Device Config Backup-External" Infrastructure system job to export all the unsanitized configurations in a ZIP archive.

I didn't found a bug ID to it yet.

Thanks! Yep, using TACACS with CPI. 

But I'm correcting myself ... I don't think it's a bug :)

I guess this "view unsanitized configuration" is a new permission task in CPI 3.1 patch X

I was installing CPI 3.1 initially without any patches or device packs and exported the TACACS+ task list for root users. As for Patch 3 the exported task list looks different. Now there is an additional task called "taskXX=Unsanitized Device Config Export". In CPI 3.1 without any patches I'm quite sure this task was not in the exported task list.

So do the following: Go to Prime Infrastructure 3.1 and export the TACACS+ attributes for your needed admin roles again and paste them in the according network access profile in ACS. The task "Unsanitized Device Config Export" should be included in this export.

Then logout and login again and the "Unsanitized" export option should be there.

Thanks Johannes! Can now see and use that export option.