Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1083
Views
0
Helpful
2
Replies

Prime 3.1 to 3.4 - Have built separate VM

craiglebutt
Level 4
Level 4

‎11-22-2018 01:55 AM

HI

 

I've built new VM of Prime 3.4 and restored 3.1 in to on.

Everything looked good, till tried to login with TACACS, got limited access to features.

Wasn't able to log on via root, even when removed Prime from TACACS.

Have managed to update the NCS Attributes in ACS to match 3.4, but this did not fix the issue.  Have a call to TAC, but over 30 hours ago, no response.

 

Have carried out ncs cleanup, rebooted.

 

Have now changed the IP and brought up my 3.1 so have some sort of monitoring.


Anyone come across this?

Labels:
0 Helpful
2 Replies 2

marce1000
VIP
VIP

‎11-22-2018 02:54 AM

 

 - The only thing I can suggest for the moment, if you have some spare VM's , is to clone the 3.1 and try an upgrade path to 3.4 , instead of a backup / restore. Check whether this helps.

M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
0 Helpful

pieterh
VIP
VIP

‎11-22-2018 05:28 AM

did the new prime server get a new ip-address ? -> add it as host to the tacacs+ server 

did you define authorization profiles in the tacacs+ server? -> menu items may have changed

-> re-edit the tacacs+ roles 

 

Step 1 Log in to Prime Infrastructure as an administrator.

Step 2 Choose Administration > Users > Virtual Domains.

Step 3 In the left sidebar menu, choose the virtual domain for which you want to apply the RADIUS and TACACS+ attributes.

Step 4 Click the Export Custom Attributes link in the upper right corner of the page. The popup Virtual Domain Custom Attributes page displays the list of RADIUS and TACACS+ custom attributes in two separate panes

Step 5 Click and drag your mouse cursor to select the text in the RADIUS or TACACS+ Custom Attributes list (depending on which server you are currently configuring).

Step 6 Using your browser menu, copy the text to your clipboard.

Step 7 Log in to ACS and navigate to the User or Group Setup.

If you want to specify virtual domains on a per-user basis, then you need to make sure you add all of the custom attributes (for example, tasks, roles, virtual domains) information to the User custom attribute page.

Step 8 For the applicable user or group, click Edit Settings.

Step 9 Select the check boxes to enable these attributes, then click Submit + Restart.

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card