cancel
Showing results for 
Search instead for 
Did you mean: 
cancel

Who Me Too'd this topic

VIP Rising star

ACS 5.5 export internal users with password

I have a Cisco ACS 5.5 running on ADE and I am trying to export all the internal users including passwords.

 

According to Cisco: "The ACS administrators can view the internal users' passwords from internal user database."
https://www.cisco.com/c/en/us/td/docs/net_mgmt/cisco_secure_access_control_system/5-8/user/guide/acsuserguide/users_id_stores.html

So for ACS 5.5 I should be able to retrive the passwords in clear text. Unfortunately I could not find any documnetation on how to do that.

 

It seems that a tool called extraxi could be used, but I was not able to download it after registering for trial, and it seems it supports only ACS 3.x and 4.x.

 

I was able to extract the database using:
acs support db_export repository myrepository encryption-passphrase null include-db original
In the bundle I have a directory called database, which contains the following files:
acs.db - should be the database I am looking for
acs.log
dbcred.cal - "Database password file" according to cisco
dbkey.cfg
prikeypwd.key

 

The problem is all the above files are encrypted and I am unable to open the db file.
Does anyone have any idea what tool can be used to view the db and how to decrypt it?

Who Me Too'd this topic