cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
796
Views
0
Helpful
2
Replies
Highlighted

Problem Authentcation CiscoWorks LMS 4.1 with ACS 5.3

Dear

i have a problem authenticating cisco LMS user through ACS 5 whenever tries  to run a DCR Job  verification it fails to telnet , however it used to work with the pervious ACS 4 but after upgrade , it seems to be a problem , and when i tries to login with this specific user with third party terminal it works fine.

here is logg in the ACS monitor

Failure Reason > Authentication Failure Code Lookup

Failure Reason :

13031 TACACS+ authentication request missing user Password

Generated on:March 12, 2013 7:09:37 PM AST

Description

The TACACS+ authentication request did not provide a user Password

Resolution Steps

The  device is sending a TACACS+ authentication request that is missing  information needed by ACS. Check the device to verify that it is working  properly and has up-to-date software

2 REPLIES 2
Highlighted
Beginner

Problem Authentcation CiscoWorks LMS 4.1 with ACS 5.3

LMS 4.0 allowed only ACS (tacacs) authentication - not authorization. You would have to define roles on the LMS server for authorization. With ACS 5 - there really is no support to add in roles (as in ACS 4.0) in the ACS server. I may not be stating this exactly right, but LMS 4.X broke the integration with ACS ... someone else maybe able to give a better explanation.

Highlighted
Beginner

Problem Authentcation CiscoWorks LMS 4.1 with ACS 5.3

I'm running the latest version of both, and it's running fine for me.  You may have to change your TacacsPromts.ini file to include the right prompts.  I think it's:

[TELNET]

USERNAME_PROMPT=

PASSWORD_PROMPT=

You'll have to put in your own prompts, though.   Whatever your prompts are, is what goes afterward.

If my prompt is Myspecialprompt: and pass is Myspecialpassword:, I'd use

[TELNET]

USERNAME_PROMPT=Myspecialprompt:

PASSWORD_PROMPT=Myspecialpassword:

If you have more devices with different prompts, just use a comma after the colon.  Btw, you don't need the credentials in there, just the custom prompts.

CreatePlease to create content
Content for Community-Ad