Integrating Cisco LMS 3.2.1 with ACS 5.1

probopurwo · ‎03-12-2012

Hi,

im using Cisco LMS 3.2.1 with ACS 5.1

actually, i want to integrate my Cisco Work with ACS 5.1

in AAA mode i already setting up the AAA mode to Cisco ACS,

when i apply the configuration, i got failed as image attached.

What should i do to resolve the problem ?

i have configure the ACS in Network Devices and AAA Client, i have added the Cisco Work Address to ACS, but i got the same error.

Besides, would you like to give me some explanation about the function of AAA mode Setup on Cisco Work,

is it used for User Authentication to logging in to Cisco LMS, or is it used for discovery process (Credential Information) when we want to add some devices into Cisco LMS ?

Thomas Masters · ‎03-13-2012

It is not possible to fully integrat LMS 3.2 with ACS 5.1. In ACS 5.x the "Shared Profile Components", which are XML based role definitions used by LMS, are no longer supported.

At best, you could use ACS for authentication only. This would mean you still need to create a user in LMS to define the roles. You would not uset AAA Mode Setup in ACS mode, just pick the TACTACS+ module for authentication.

probopurwo · ‎03-14-2012

Hi Thomas,

Thank you 4 your reply

i have tried your solution, i have added the AAA Client to Cisco ACS behalf to Cisco LMS Address,

but when i change Authentication mode to TACACS+, i found that Authentication mode is being TACACS+(Fallback Mode), mean that the Authentication over the TACACS is failed,

what should i do next ?

any suggestion ?

Michel Hegeraat · ‎03-14-2012

Probably admin is logged in as well

That is not via TACACS+ hence Fallback Mode

Cheers,

Michel