Adding to the ACS database replication

I want to install a backup ACS4.1, the principal server has no replication of database configured on it.

I would like to add this feature, because I have to make the primary and to replicate its database to the new backup box I put in place, to which I was able to add the feature during installation.

So I guess my question is: how to add the functionality of replication of database on Cisco ASC4.1 - post install?

Help, please

Happy to help.

Please mark the thread solved, so that others can enjoy

Kind regards

Prem

Tags: Cisco Security

Similar Questions

  • ACS server replication request

    Hi all

    I have two primary & secondary ACS server. New secondary to be deployed in the network server. My primary ACS server got 1000 clients AAA configured with 15000 user id configured in several group profile. My question here is when I have the database replication between primary and secondary, if any database is replicated from my primary server to the secondary as all customers AAA and configuation etc., otherwise it will be the end user interface, profile of the group, replication has restrictions of database.

    Totally: AAA & ID customers user will be on the backup of a database or it will reside on different location

    kindly clarify me here, thanks.

    Hello

    The entire database will be written more when a restore of the database.

    The ACS database replication allows you to copy various components of the internal database of GBA in other ACSS. This method can help you plan a failover AAA architecture and reduce the complexity of your tasks of configuration and maintenance.

    The components that can be replicated are:

    User and group database

    Database group only

    Network device Configuration tables

    WBS

    Configuration of the interface

    Interface security settings

    Password validation settings

    EAP-FAST master keys and policies

    Network access profiles

    Configuration of logging (enable/disable settings)

    The following link will give you the details of database replication.

    http://www.Cisco.com/en/us/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.2/user/guide/SCAdv.html#wp756304

    I hope this helps.

    Kind regards

    Anisha

    P.S.: Please mark this thread as solved if you feel that your query is resolved. Note the useful messages.

  • Following SQL plan bad even after adding to the base at 11 GR 2

    11.2.0.3, RHEL 6, 2 node RAC

    I have a request app with 4 shots, and one of them is very well optimized plan. But a few reasons it was not used. I added this sql_id based yesterday.

    {code}

    sql_id: 38w0gp7u4vab

    plan_hash_values - cost

    (1) 1483922261-284

    (2) 1549540093-354

    3-11-3581836057

    4-3875671801-347

    (5) 3584469669-450

    Here's the info from baslines:

    PLAN_NAME cost VAC

    ------------------------------ ------------------

    SQL_PLAN_9m9pwxh4mpy73018854c3 11 YES

    SQL_PLAN_9m9pwxh4mpy7334ba5abc YES 463

    SQL_PLAN_9m9pwxh4mpy733a0debdd No. 118

    SQL_PLAN_9m9pwxh4mpy73962cb03c YES 364

    {code}

    I see 3 plans are marked as "ACCEPTED" and a plan is not yet.  I hope that it must follow the plan at a lower cost.

    Question:

    ========

    When I check the execution plan for the sql_id always according to plan with cost (463) above.  I wish she must use a first with the lowest cost (11), but don't know why it's always the plan suite with higher cost.

    Any idea on why this is the plan bad sequel yet, we have added to the sql database?

    Thank you

    Harry

    The optimizer is free to choose any plan accepted. You can use dbms_spm.alter_sql_plan_baseline to turn off the plans that you don ' t like.

  • Archived not getting applied to the standby database.

    Hello

    I turned the parameter standby_file_management to manual and since I created 3 primary data file, but they are not applied to the standby database.
    I turned on the Auto setting and started the MRP process but still not able to apply archive.
    Version Oracle 10.2.0.5


    Please suggest,
    Amit Sharma

    Hello

    Your problem is that the MRP standby automatically when a data file is added on the primary database. The reason would be that the parameter STANDBY_FILE_MANAGEMENT is set to MANUAL on the standby database.

    Please refer to this http://shivanandarao-oracle.com/2012/04/02/managed-recovery-process-mrp-terminates-on-standby-database-upon-adding-datafile-on-the-primary-database/

    It will be useful.

    Kind regards
    Shivananda

  • ACS database does not not after having changed the secondary ip of acs.

    Hello.. Im having 2 ACS 3.1 server. ACS01 (primary) & ACS02 (secondary). We recently moved ACS02 to another site and has changed its ip address.

    When we of database replication from ACS01, we received the error message saying ACS02 has refused the request of replication.

    Any idea what can be the problem?

    Consider these elements when you implement the database replication feature Cisco Secure:

    (1) ACS supports only supported replication of database to other ACS servers. All ACS servers participating in the Cisco Secure database replication must run the same version and patch to FAC level.

    (2) the principal server copy compressed and encrypted the database on the secondary server components. This transmission is done via a connection TCP, Port 2000. The TCP session is authenticated and using an encrypted protocol, Cisco-owners.

    (3) only hosts properly configured, valid ACS can be secondary servers. To add a secondary server, configure it in the AAA servers table in the section of this document Network Configuration. When a server is added to the AAA servers table, the server is displayed for selection as a secondary server in the list of AAA servers as replication partners, on the Cisco Secure database replication page.

    (4) the principal server must be configured as an AAA server and must have a key. The secondary server must have a primary server configured as an AAA server and its key for the primary server must match the key primary servers.

    (5) secondary servers replication takes place sequentially in the order listed in the replication list under replication partners, on the Cisco Secure database replication page. (6) the secondary server that receives the replicated components must be configured to accept replication of database from the primary server. To configure a secondary server for database replication, refer to configuring a secondary Cisco Secure ACS Server of this document section.

    (7) ACS does not support two-way replication of database. The secondary server, which receives the replicated components, check that the primary server is not on its list of replication. If this is not the case, the secondary server accepts replicated components. If so, it rejects the components.

    (8) to replicate the seller of RADIUS defined by the user and the configurations of the specific attribute (VSA) provider successfully, definitions have to be replicated must be identical on the primary and secondary servers. This includes seller RADIUS slots occupy sellers RADIUS defined by the user. For more information on the sellers of the RADIUS and the VSA attributes defined by the user, see section User-Defined RADIUS vendors and VSA sets the document Cisco Secure ACS database command-line Utility.

  • ACS appliance 4.2 - database replication internal problem

    HelloW

    I'm yunchoul jung in Korea

    now I'm setting up ACS unit 1113 ver4.2

    in internal, primary and secondary database replication server ACS cannot repliacate the database due to the configuration of SELF (127.0.0.1) by default in the configuration of the network.

    so I have a guestion, how do I replace 127.0.0.1 address to the ip address you want or delete SELF (127.0.0.1) address

    I don't understand a procedure of solution in the documentation below.

    Thank you for your help in advance

    Problem: 127.0.0.1 is a reserved address

    You have two units of the ACS SE 1113 and replicate the database internal from the primary to the secondary.

    but you notice this error message in the secondary unit:

    Replication of database of ACS denied - incompatibility of secret shared incoming

    When you try to change the key of course AAA under Network Configuration Server error message is

    returned.

    This is due to a known bug,

    Symptom: 127.0.0.1 address appears in ACS and the replication fails

    Conditions:

    Install Acs S/W version 4.2.0.124

    Disable the network adapter

    Enable network card

    * Go to the network settings page.

    * Should see the AA server IP to be a return loop

    Workaround solution:

    For windows: remove the 127.0.0.1 entry

    For the device: back up the database, install ACS on windows, restore, delete

    the entry, make a backup and restore on the device

    http://Tools.Cisco.com/support/BugToolKit/search/getBugDetails.do?caller=pluginredirector&method=fetchBugDetails&bugId=CSCso39795

    Kind regards

    ~ JG

    Note the useful messages

  • XML, parsing and adding to the database

    Hello

    I'm parsing an xml file and want to add the items to the database. Basically it works, but only the last element in the xml file is added to the database over and over again (count: M.length).

    I wonder if the loop is too fast and crush the variables and the tx.executeSql (); Gets the last element. Any ideas on that?

    function RSSRequest() {

    xmlDoc = loadXMLDoc(RSSBackend);
    var M = xmlDoc.getElementsByTagName("push");

    for (i=0;i

    When I'm alert (title); I'll get all showing different titles. Any idea and help is appreciated
    

    Kind regards
    

    bert2002
    			 
    Well I use an anonymous function and works:
    

    (function(title){

// CODE

})(title);

  • Migration of the existing database of victory ACS 3.3 to device ACS 4.2.15

    Hi all

    Can anyone suggest me how to migrate the db for windows 3.3 acs acs 4.2.15 device.

    We replace the 3.3 victory device 4.2.15 as part of end of life. So we have the eap-tls/peap authentication.

    It has huge files. So suggest me the steps to migrate the db to win 3.3 appl 4.2.15.

    We need to upgrade to win 3.3 to win 4.0 for win 4.2 & then migrate to appl 4.2?

    Or any other way to do it?

    Hello

    You can take a backup copy of the database of the ACS unit. You can install ACS 3.3 in windows. Restore the backup.

    Then you can proceed to 3.3.4 on Windows ACS. make a backup and save it to a different location.

    Upgrade the windows of the CSA at 4.1.1.24. take a backup. Save it to a different location.

    Then the windows of the CSA 4.2.0.124. resume a backup and save it to a different location.

    Now re-images of the device of the ACS for ACS 4.2.0.124. Restore the backup of Windows ACS ACS ACS 4.2.0.124 unit now running.

    Now you can upgrade the ACS unit to 4.2.1.15.

    I hope this helps.

    Kind regards

    Anisha

    P.S.: Please mark this thread as answered if you feel that your query is resolved. Note the useful messages.

  • The ACS replication ports

    Hello all, I have two ACS 3.3 and I try to replicate but it does not work. The topology is something like this:

    ACS1<->PIX525<->RouterTelmex - Internet - RouterTelmex<->ASA5540<->ACS2

    I test a lot of things, and I guess that the problem is in ASA5540. So the question is: is anyone know which ports need to be opened in ASA5540 to allow replication? I know there must be opening of port 2000, but I think there must be some ports more.

    Thank you very much.

    Gabriel

    Hello Gabriel,

    I know, you only need port 2000 to open for replication of the ACS.

    BTW, did you skinny inspection enabled on the ASA. The ACS replication is running on port 2000 who also happens be the same port as the Skinny Protocol. Make sure that he lean on the two firewall inspection is disabled and see if you can get the replication.

    no correction protocol 2000 skinny

    I hope it helps.

    Kind regards

    Arul

    * Please note all useful messages *.

  • Is ACS 4.2 - possible to change the port of replication?

    Hello

    try to find out if she some tweek to change the port of TCP/2000 ACS replication to something else.

    I know that it is possible to make a different map policy or not to inspect the skinny Protocol in order to avoid the conflict, but not the solution I'm looking for. I was wondering if anyone knows of a different way to change the port of 4.2 ACS replication.

    Hello

    What is the version of the CSA, you run?

    If you then run ACS 4.2.1.15

    Problem : ========= ACS replication port re-configuration. Resolution : ============ Please follow the following steps: 1.       Interface configuration > Advanced Options > Check the checkbox ACS Communication Port Configuration. 2.       System Configuration > service control > Configure the Port to be used for the ACS Internal Communication (choose any port between 2010 to 2025)
    

    Regards,
    
Anisha
    

    P.S.: please mark this thread as resolved if you think your query is answered.

  • Setting for the remote database ACS 5.2 problem

    Hi all

    I installed ACS 5.2 device and try to backup report database (MS SQL Server 2005) remotely using remote database settings.

    But the database is empty, and the task in the Task Scheduler is failed.

    So I check MonitoringAndReportingScheduler.log and found the log message in the attached file.

    I try to find answer to Cisco community support, but found nothing.

    But I googled an article almost the same condition as mine.

    http://www.experts-exchange.com/Microsoft/development/MS-SQL-Server/SQL-Server-2005/Q_26931183.html

    I wonder what the database configuration should I change to meet the requirement of this backup of report.

    Because there is nothing on the database in the ACS configuration guide.

    Is anyone successfully using this function?

    What does ".

    I changed my ranking of Latin SQL database SQL, and his work. "in the article mean?

    Thanks in advance.

    Hi, Mason,

    It is very probably due to the CSCtk83179 ACS 5 export remote DB SQL view does not.

    You must wait ACS patch 7 for ACS 5.2 or 5.3.

    Cheers, Irina

    ---

    PS: Please, note the useful messages!

  • Announcement for the external database - Secure ACS 5.2 or LDAP

    I'm working on the project with Secure ACS 5.2.  I'm trying to determine the external database appropriate to use.  LDAP or directly to the AD?

    In addition, the field in which I connect to a several subdomains.  All users are currently in the subdomains, but will move to the root domain later.  How do I set up the connection, I have to connect to each subdomain or can I connect just to the root?

    Thank you

    Hello

    If you are using PEAP (mschapv2) [password based authentication] your best bet is to tie ACS to AD, because PEAP-mschapv2 is a hash mechanism that is only supported when you bind to AD, it will not work if you use the ldap integration.

    Your best option is to connect ACS for the root domain, so he can use the transitive trust relationships to find the information in its subdomains.

    Thank you

    Tarik Admani
    * Please note the useful messages *.

  • We are in the streams we want to use the tools of replication of database of 3rd party for Oracle freeware. Pls suggest

    We are in the streams we want to use the tools of replication of database of 3rd party for Oracle freeware. Pls suggest

    Hello

    GoldenGate and shareplex are large databases for heteregenous platforms oracle replication tools.

    Shareplex replicates data between heteregenous platforms for example source on Linux and Windows.Shareplex target come from queues so that when we define it a few tables in the configuration of the source files, it will get automatically reproduced in the target database.

    SharePlex 8.6.2 technical documentation

    Concerning

    Rami

  • Replication to a different diagram in the same database is a problem?

    Hello

    I'm about to start an integration project in which data needs to be replicated from a schema from A to B schema. These patterns are in the same database. We are looking for a non intrusive process to move data in real time throughout the day. At night, the data must be prepared for treatment. I think GoldenGate might be the right choice for this case. However, some people think it's weird using GoldenGate for replication within the same database, despite being in the other schema data. I do not wish to use ODI or other intrusive process.

    Is there a sort of recommendation in order to not to use GoldenGate in such situation (same database)?

    Hello

    Yes, it is possible and you can use Oracle GoldenGate for configuring replication between two schemas in the same databases. Only a GoldenGate environment is sufficient to achieve this goal.

    Kind regards

    Veera

  • Adding data to an attribute of the object database

    Well, I have a little problem I am trying to add data to my bpm of a database object, but it does not add the info
    my method is:
    for each item
    SELECT cveAfectacion
    THE COMIC BOOK. ODS_VIEWER. BAN_EVENTOS_CONFIRMACION
    WHERE idSolicitud is contador
    do
    show "dentro do."
    display BAN_EVENTOS_CONFIRMACION.cveAfectacion
    solicitudCliente.tipo = BAN_EVENTOS_CONFIRMACION.cveAfectacion
    end

    Thanks for the help

    See this link: Re: adding data to an attribute of the object database

Maybe you are looking for