Import of host internship ACS 5.0

Similar Questions

• Is it possible to import ESX hosts that once belonged to another vcenter & dbase to a new vcenter & dbase?

  I have a server who is dead and who has hosted our VMware SQL dbase and dbase recoveries do not work.  All hosts and virtual machines continue to run, but I was wondering if I could do a new install of vSphere and create a new SQL dbase and then import my hosts and virtual machines.  It will work, or are there problems guests & VMs part of an another vCenter?

  VM isn't registered to ESX(I) hosts, vCenter.  Thus, when you 'add host' to vCenter all registered as ESXI (i) host VM are delivered with.

• Maximum 'Accounts internal hosts' on ACS 5.2

  Is there a maximum number of 'Account of internal hosts' IDs which can manage the local database to an ACS 5.2?

  Thank you...

  Although I cannot point to any reference in the user documentation, I know that ACS 5.2 has been tested with 50000 endpoints or the internal hosts

• Import multiple host/Virtual Machines

  We had a user remove several virtual machines and hosts of our vsphere. Are there recommendations on the best way to re - import otherwise than manually, one at a time?

  Thanks in advance

  PhinsUp

  See also

  https://upgrade.VMware.com/support/developer/windowstoolkit/wintk40u1/HTML/add-vmhost.html

  or if all else fails, you can do it the old fashion way... but PowerCLI, will be probably your best way to do this depending on how much the guests and the hosts must be added to your vCenter inventory.

• Possible bug in Cisco ACS 5.1 importing devices?

  Hi, there seems to be a problem when I try to import a .csv for ACS 5.1 file. After following the procedures of export file and clicking on finish, I find myself with the screenshot of the window of ImportAction attached. According to the documentation this window should allow you to track the progress of the bulk operation, but there is none of this.

  Any ideas of how I can solve this problem?

  Thank you

  Can you ensure popups are enabled on your browser

• ACS: How to import policies?

  Hello world

  ACS 5.8 added the ability to export policies to a repository, and yet I have not seen any interface to import these policies in ACS. In addition, they are exported encrypted that makes them unreadable from the point of view audit. No chance, they can be decrypted outside GBA?

  Have a good weekend :)

  Hello

  Don't we have policies to support bundle? Yet once access security policy will cause more damage than of any unauthorized access to support bundle.

  To add this feature, you must contact your Cisco account team and they will be addressed later, but chances are you'll hear the same thing.

  Kind regards

  ~ JG

• Dell VRTX + vCenter 5.5 + Shared storage is ESXi host import issue in vCenter. Help, please!

  All,

  I have two VRTX to be used for lab purposes that I am currently in configuration.

  Blades feature 4 VRTX with a shared storage infrastructure. Each blade has 5.5 installed on ESXi.

  I configured the shared on the VRTX storage, and all the blades can go very well.

  The question I'm currently facing is when you add the vCenter for managing ESXi hosts.

  Add the first host goes without a hitch. However, add any later host fail, because vCenter finds datastore attached hosts to have the same identifier.

  The error message is (see the attached screenshot): ' Datastore 'Main Shared-storage' is in conflict with a store of data that exists in the data center which has the same URL (ds: / / vmfs/volumes/xxxxx /), but is supported by different physical storage.

  Someone knows how to fix this?

  Thank you.

  Thanks for the reply.

  I think that I have found a workaround.

  First of all, this link does not address my particular issue.

  See, it's a whole new vCenter device installation and configuration. Only one of the four hosts to add host has been added.

  Still, the problem is that each ESXi host is a blade VRTX (M620), which has access to the data store created on the shared storage of VRTX.

  Basically, each host is editing the data store shared even (the only data store created on the shared storage), which works very well except for vCenter complain when you import the hosts.

  In any case, my resolution was as follows:

  -Add the first host with the attached and mounted data store

  -Remove the data store and detach the controller shared by other guests before adding in vCenter

  -Re-attach the controller shared and set up the data store via vCenter once guests have been added

  -Re-configure each host for vSphere HA if necessary

  Thank you.

• Machine based authentication using EAP - TLS, MS CA and 5.2 of the ACS

  I use ACS 4.2 for Windows for a couple of years now and I'm pretty comfortable with it.  5.2 model is much more different than what I expected.  We downloaded the trial in our laboratory for 90 days, and I try to get 802. 1 x wired works so we can be sure that we want to buy it.  I've looked everywhere and I have been unable to find some basic instructions on how to configure the following in a step by step process scenario:

  1. integrated AD

  2 EAP - TLS

  3 certificates

  4 Microsoft CA

  5. the applicant is XP SP 3

  6 non-Cisco 802.1 x compatible switches (switches are not the question)

  I got GANYMEDE to work fairly easily, but I am confident the issues I have are user based :).  Does anyone know of a doc somewhere that goes on a scenario like this (in addition to the user manual and docs of migration ISBN)?  Also, we have the assurance of software on our box 4.2 - TAC support questions we have on the 5.2 box while we are it do demonstrations?

  Thanks in advance.

  Hello, Christopher.

  I'll try to give you some tips to achieve what you want.

  Additional info can be found in the user guide:

  http://www.Cisco.com/en/us/docs/net_mgmt/cisco_secure_access_control_system/5.2/user/guide/acsuserguide.html

  1. in the identity store / Active directory, check "enable machine authentication.

  2 import a certificate for ACS

  Go to System Administration > Configuration > Local Server Certificates > Local certificates and click the Add button.

  Select how you want to import the certificate, and then verify the Protocol EAP

  3. Add your switches as aaa clients

  Access network resources > network hardware and the AAA Clients, click on create and add configure address IP + shared secret for the RADIUS.

  4-go to access policies > Access Services and click on create a new access service.

  Select the selected Type of Service and network access in the list.

  Verify the identity, group mapping and authorization

  5 - go to the access policies > rules of selection and select "Rule based selection result" if not already done, then click Customize at the bottom right of the screen, and then add the properties that allows you to match your device with which you want to do TLS.

  You can use the IP address of devices, or you can create a NDG (in network resources), assign devices to the NDG and match this NDG in your rule.

  If all your switches RADIUS will make eap - tls, you can change the rule

  Rule-1

  Ray game

  Default network access

  While in the result, you choose your service of access created in step 3.

  6 - go to the access policies and click on the access service that you created in step 3. In the allowed Protocols tab, see EAP - TLS

  7. unfold your access service menu, and then click identity. Select your ad as being the source of the identity

  8. check that the 'Allowed access' rule is selected in the authorization to access your service

  These measures define your devices, and then create a rule to say that ACS must use an individual service for this access devices and set this access service to use AD as authentication.

  Again, what are the basic steps, he may miss some things to do depending on your configuration, but I hope this will help you.

  ACS 5 may be difficult at first, but once you get your hands on it, you will see that it is powerful.

• Migrate from ACS 3.3.2 SE to 4.2.1 for Windows

  Hi all

  Disclaimer

  I know that the two platforms/versions are dinosaurs and we should be upgraded to something more recent like ACS 5.x.  However, I am consultant and is not part of the decision to make this migration.  I've just loaded to run.  The customer going to ISE and purchased in one of their regions.  However, this specific pair of ACS servers provide services GANYMEDE + then they will be around for some time.

  Problem

  I'm contemplating how to for migration.  There are about 30 local users and more than 2000 devices.  There is integration of ads through a pair of remote agents.  We want to entry a sweet/new configuration as opposed to a full backup and restore so cleaning may occur on the current arrangements of 8-10 years.  So, the best-case scenario is that I have set up new devices (v4.2.1) by hand and import users and network devices.

  If I wanted to do, how I'd go to export only the devices and users from the 3.3.2 engine solution?

  I thought to reproduce the current 3.3.2 install on a v3.3.2 to install windows then upgrading the windows temp install to 4.2.1 and replication only users and groups to the 4.2.1 new platform but I have access to old media.

  Any ideas would be appreciated.  Thank you.

  The best would be to install v3.3.2, reproduce the configuration and it 4.2.1.15 in path/procedure to upgrade next since you do not have access to OLD media. You can import users and devices using the RDBMS feature.

  To export devices network of ACS 3.3.2 engine solution. Go to network setup > Search > maintains the search that is default parameter to search the entire. Press search. There will be a 'Download' option that will appear in the left corner of the search results. Click on save this list.

  This list will include,

  -Name

  -IP address

  -Type

  -Name NDG (if applicable)

  NOTE: This will not contain customer AAA Shared Secret keys have

  Once the devices are exported, you can import this file to ACS for windows.

  http://www.Cisco.com/en/us/products/sw/secursw/ps5338/products_tech_note...

  You may not be able to export the ACS SE users. You may need to manually create with the new passwords.

  Kind regards

  Jousset

  ---

  Posted by WebUser Jatin Katyal of the Cisco support community App

• Group ACS 5.3 removal Migrated_NDGs

  Hello

  I got the task to disentangle a 5.3 ACS server, devices are all imported from a former ACS 4.x server. All the devices in the "Migrated_NDGs" of the Group was created by the migration tool.

  Since I have no need of this group is safe to just delete the Group and the devices will remain in ACS?

  The only groups of network device I really need are the groups 'Rent' and 'Device Type'. Unfortunately, I don't have another server to test on and I do not want to delete the Group and find out that 700 + devices have also disappeared from ACS!

  You also wouldn't not possible to the device to export to CSV, delete them all of CSA, delete the 'Migrated_NDGs' group and then use the CSV file to import the devices return again, but less the Group column "Migrated_NDGs."

  Any help much appreciated.

  Mel

  I just tried this on my server and things worked well.

  If you delete the NDG has child nodes nodes, you may need to remove these nodes first, and when you do this, if there are devices that reference the node that you are deleting, then they get modified to refer to the root node. When finally only the root node is left then can remove the NDG.

  Having said that I recommend to do an export of network devices before starting a backup

  Would be interested to hear how you got and that things went well

• ACS 5.8.0.32 CLI Password Recovery does not

  Everything by making a change of password on my servers emergency ACS SNS-3415 5.8.0.32 production as a result of a termination of employment IT, I found myself having recover the CLI password for my administrative accounts.

  From a bootable USB key using of an ACS 5.8.0.32 .iso, I made my way through the menus, see the list of accounts that I waited, entered new passwords, saved my changes, then use the menu option (q) to restart. When the system came, it had not been changed passwords.

  I have tried for the same operation on the two hosts of ACS production and Lab host, with the same result.

  I got a picture Recovery.iso of Cisco TAC, but it did not change the result.

  ACS servers are up and running and maintenance actively GANYMEDE queries as expected, I can't get to the CLI.

  Any advice?   I can rebuild if necessary, but it should really be an easier way to do it.

  Hi James,

  We have the bug (CSCuy45998) for her. Please install patch4 and try for recovery.

  Thank you

  Catherine

  Please evaluate the useful messages and mark the correct answers.

• Illustrator puppets to the host character - issue of stroke

  Only, I finished my puppet and imported into host character, but a problem with a stroke.

  Some features (one to be precise) is not resized like all other traits, and I do not know how to solve this problem.

  I am posting the screenshot just to be more clear that I can

  the 3 first screenshots are:

  view from the front in illustrator

  

  Left profile in illustrator

  

  Right profile in illustrator

  

  all strokes have the same weight and as I noticed they are automatically resized by the host of characters adobe.

  
  

  everything is ok on the main view (view from the front in character animator)

  

  
  

  but the stroke occurs I turn face (keyboard triggered)
  

  as you can see, it looks good with the exception of only one on the nose which is not resized.

  

  What should I do to fix this?
  pls don't tell me to extend to all the games on illustrator... I would like to avoid this...

  Sorry for my bad English, I'm not motherlanguage.

  Thank you

  Alberto

  OK, I found why I had this problem.
  The problem was on the contour options

  Each shot was
  

  with the exception of this single trait which has been
  

  then they looked basically the same, but they were not!

  Thanks anyway
  You can close this post!

  See you soon

• Private network between hosts in different regions

  Dear guys,

  I have just asked me if it would be possible that 2 hosts in different regions (EU-NA) can communicate on a virtual private network over the Wan.

  How to perform I thought to arrive at:

  -import the host NA in a cluster in the EU vcenter

  -create a tmp DVS and attach 2 guests to the DVS

  -create a private VLAN GP and configure 2 virtual machines with this PG = > they just have to communicate with each other, this is just a test

  The question I have is this: given that the 2 hosts are in different regions, traffic of 2 VMs would go across the WAN using the DVS even?

  Thanks in advance.

  Daniele

  I thought on it and it is not possible, DVS and a dummy network, we have L2 and we have no tools for the encapsulation of L2 to L3, I have no NSX.

  I will give points me

  Daniele

• Moving hosts between active EVC clusters (going from 4.1 to 5.5)

  Hi all

  This is my first post here on communities and I hope it will be a great moment

  Currently, we are running a cluster of production unique (4.1U3a vCenter) made 10 IBM x 3850 X 5 hosts where:

  • 5 guests have X 7560 Intel processors (ESXi 4.1U3)
  • 5 guests have CPUs of E7 - 8837 Intel (ESXi 4.1U3)

  Cluster is active EVC: Nehalem Genesis (Xeon Core i7)

  He must now leave whole cluster existing 4.1U3a vCenter for a new vCenter 5.5U1 constantly of the VMs system (we cannot touch/upgrading old vCenter). Is it not possible? Correct me if I'm wrong, but I want to do this way:

  1. Disable HA and DRS on 4.1U3a Cluster (let such VCA what)
  2. Disconnect the 4.1U3a Cluster hosts (a)
  3. Once that all hosts are disconnected remove hosts in the cluster 4.1U3a (one)
  4. Create new Cluster on 5.5U1 vCenter
  5. Select CVS on the new Cluster 5.5U1 vCenter (and set it to Nehalem Genesis (Xeon Core i7), as was the old 4.1U3a vCenter)
  6. Add a host 5.5U1 vCenter, off the new cluster (on the level of data center)
  7. Move newly added welcome the new active EVC Cluster to vCenter 5.5U1
  8. Repeat steps 6 and 7 for all remaining hosts
  9. Turn on HA and DRS on the new Cluster on 5.5U1 vCenter
  10. Test of vMotion and to each ESXi (and pray it works)

  This plan could work? I was testing this on the lab environment and all seems OK, but I'm afraid I missed something. As far as I understand CVS it should work as long as I'm not power cycle all VM during the hosts 'move '.

  Thank you all for your help.

  Normally you can not add directly to a cluster as when you import the host to vCenter he does not see as having enabled EVC and is safe.  I was wondering for the sake of ease, not want you back up the database from the old server and put this backup on the new and just update?  It may contain some old information, you may not, but that would mean that your hosts basically would come immediately upward in the cluster without having to do all that extra work.  Also do not go to the 5.5 Update 1 if you use NFS.

• Fill the CSV file with the host name and the name of data store

  Hello

  How can include the hostname in my output csv file?

  The following code adds the name of the data store but not the host name:

  import-csv hosts | % {get-vmhost-name $_.name} | Get-Datastore. SELECT name.

  Export-csv ESX - Datastore.csv - notypeinformation - useculture

  How to watch your entry CSV file?

  If it's something like

  Name

  ESX1

  ESX2

  Do it like this

  &{foreach($esx in (Get-VMHost -Name (Import-Csv host.csv -UseCulture | Select -ExpandProperty Name))){    $esx | Get-Datastore |    Select @{N="VMHost";E={$esx.Name}},Name}} | Export-Csv report.csv -NoTypeInformation -UseCulture