Buy or Renew
Buy or Renew
We are currently experiencing Knowledge Base board outages and are working to resolve. Thank you for your patience.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1695
Views
0
Helpful
10
Replies

Prime Infrastructure 3.10.4 ssh change privilege level to 1

Hubert Kupper
Level 1
Level 1

‎03-18-2024 02:59 AM

Hello,

 

since november 2023, when our cisco prime 3.10.4 trying to get the config via ssh from our 4510+R Switch, the privilege level 15 changed to 1 and the ssh connection fails. Bevor the config was archived correctily. This problem only occours with the 4510+R switch running XE 03.11.09.E

Any idea, what the problem is?

Regards, Hubert

Labels:
0 Helpful
10 Replies 10

Mark Elsen
Hall of Fame
Hall of Fame

‎03-18-2024 06:43 AM

 

 - Remove the particular device from Prime and re-enter it , but before final add ; press Verify Credentials first ,

 M.



-- Let everything happen to you  
       Beauty and terror
      Just keep going    
       No feeling is final
Reiner Maria Rilke (1899)
0 Helpful

Hubert Kupper
Level 1
Level 1
In response to Mark Elsen

‎03-18-2024 07:04 AM

I did this last week but it didn't help. The same error.

0 Helpful

Hubert Kupper
Level 1
Level 1
In response to Hubert Kupper

‎03-18-2024 07:06 AM

Verify credentials said everything is ok. If I do a ssh session to prime and from there a ssh session to the 4510 it already works but not from prime config job.

0 Helpful

Mark Elsen
Hall of Fame
Hall of Fame
In response to Hubert Kupper

‎03-18-2024 07:17 AM

 

       - Check logs on the device when Prime tries to connect ,

 M.



-- Let everything happen to you  
       Beauty and terror
      Just keep going    
       No feeling is final
Reiner Maria Rilke (1899)
0 Helpful

Hubert Kupper
Level 1
Level 1
In response to Mark Elsen

‎03-18-2024 10:12 AM

%SYS-5-PRIV_AUTH_PASS: Privilege level set to 1 by username on vty0 (IP Address)
002808: Mar 15 22:00:12: %SYS-6-LOGOUT: User username has exited tty session 1(IP Address)

0 Helpful

Mark Elsen
Hall of Fame
Hall of Fame
In response to Hubert Kupper

‎03-18-2024 10:39 AM

 

 - If the particular admin user is authenticated externally through radius or ldap for instance , then make sure it preserves sufficient privilege's  after being authenticated , (sometimes you need extra attributes returned from radius to achieve that)

 M.



-- Let everything happen to you  
       Beauty and terror
      Just keep going    
       No feeling is final
Reiner Maria Rilke (1899)
0 Helpful

Hubert Kupper
Level 1
Level 1
In response to Mark Elsen

‎03-18-2024 10:24 PM

Hi, no the admin user is not authenticated externally.

 

Hubert

0 Helpful

Hubert Kupper
Level 1
Level 1
In response to Hubert Kupper

‎03-18-2024 10:59 PM

the error is only visible whith prime config archive collection job.

0 Helpful

Hubert Kupper
Level 1
Level 1

‎03-20-2024 01:25 AM

I will try 3.11.10 on the 4510+E switch tomorrow. Maybe this solve the problem.........

0 Helpful

Mark Elsen
Hall of Fame
Hall of Fame
In response to Hubert Kupper

‎03-20-2024 02:52 AM

 

          - Ok , good plan ; otherwise you need to engage TAC , 

 M.



-- Let everything happen to you  
       Beauty and terror
      Just keep going    
       No feeling is final
Reiner Maria Rilke (1899)
0 Helpful
Customers Also Viewed These Support Documents