Replication of database ACS SE 3.3.3

Similar Questions

• ACS 4.2 to 5.4 ACS replication of databases

  Hi all

  I would like to know if its possible to install replication of databases of the Cisco ACS server ACS 5.4 4.2 Server?

  Thanks in advance

  Mohsin sarr

  Unfortunately, database replication (update of the trigger) cannot be performed because it requires the two ACS boxes to run the same code.

  If you meant migration then yes it is possible.

  Migration from ACS 4.x for ACS 5.4

  http://www.Cisco.com/en/us/docs/net_mgmt/cisco_secure_access_control_system/5.4/user/guide/migrate.html

  Jatin kone
  -Does the rate of useful messages-

• Replication of database

  I have two separate ACS servers. Of these, one is active and has the entire base. I would like to make a master server and others as before, with their database in the form of images of mirror each other and redundancy as well. Can someone tell me how to set up replication of database in GBA?

  Hello

  All the information you need can be found on the page provided by the following link:

  http://www.Cisco.com/en/us/products/sw/secursw/ps2086/products_configuration_example09186a00800e518a.shtml#T2

  Hope that helps.

• We are in the streams we want to use the tools of replication of database of 3rd party for Oracle freeware. Pls suggest

  We are in the streams we want to use the tools of replication of database of 3rd party for Oracle freeware. Pls suggest

  Hello

  GoldenGate and shareplex are large databases for heteregenous platforms oracle replication tools.

  Shareplex replicates data between heteregenous platforms for example source on Linux and Windows.Shareplex target come from queues so that when we define it a few tables in the configuration of the source files, it will get automatically reproduced in the target database.

  SharePlex 8.6.2 technical documentation

  Concerning

  Rami

• Synchronization of databases ACS!

  Hi all. I have 2 windows machines running acs 4.1. I install just the second machine in a new region. I want to know what will I do on all 150 routers, I added? is it possible to some how synchronize two acs servers such that when one goes down, another will be contacted. I have to re-enter all the data or y at - it an automatic way such that when I make a change on the main sound server automatically replicated to the other acs?

  Hi Rox,

  The ACS replication is one-way replication (from elementary to high school). If you need to appear the second acs and configure it for replication. After replication, it will be all the configuration according to the primary acs.

  Please make sure that the replication is configured correctly. (Checklist)

  (1) make sure you not replicate on NAT. NAT replication does not work because the IP address is used for server authentication.

  (2) then make sure that you are not sending or receiving the distribution table. On the principal server, the distribution table should not be checked in the mailing list, and on the secondary table of distribution should not be checked at the reception.

  (3) then I would like you to check in the list of partners for the secondary server to ensure that the primary is not listed. You should not enter the primary server in the list of partners on the secondary server. However, the primary server must have all secondary servers in its list of partners.

  (4) make sure that the secondary server has replication scheduling set to "manual".

  (5) Please check that your servers all run exactly the same version of ACS and compilation.

  (6) also I would like to know if we have any firewall between two acs servers.

  Please see this link for the replication schedule option,

  http://www.Cisco.com/en/us/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.1/user/SCAdv.html#wp756696

  Kind regards

  ~ JG

  Note useful message

• Setting for the remote database ACS 5.2 problem

  Hi all

  I installed ACS 5.2 device and try to backup report database (MS SQL Server 2005) remotely using remote database settings.

  But the database is empty, and the task in the Task Scheduler is failed.

  So I check MonitoringAndReportingScheduler.log and found the log message in the attached file.

  I try to find answer to Cisco community support, but found nothing.

  But I googled an article almost the same condition as mine.

  http://www.experts-exchange.com/Microsoft/development/MS-SQL-Server/SQL-Server-2005/Q_26931183.html

  I wonder what the database configuration should I change to meet the requirement of this backup of report.

  Because there is nothing on the database in the ACS configuration guide.

  Is anyone successfully using this function?

  What does ".

  I changed my ranking of Latin SQL database SQL, and his work. "in the article mean?

  Thanks in advance.

  Hi, Mason,

  It is very probably due to the CSCtk83179 ACS 5 export remote DB SQL view does not.

  You must wait ACS patch 7 for ACS 5.2 or 5.3.

  Cheers, Irina

  ---

  PS: Please, note the useful messages!

• Replication of database 2

  Hi all
  
  Who is best to use in a replication, Golden Gate, or streams?
  
  
  Thank you very much
  
  zxy

  then you can go for 'GOLDEN GATE' easy to install

• Replication of database in production mode

  Hi all
  
  I explored a lot, but again, I'm not sure which method to adopt for * replicate the database server so that transactional traffic and have reported the two can be diverted to two different servers, reporting uses procedures that deal with the data in temporary tables and then the report is out to find
  
  Thanks in advance
  
  Piyush

  Physical Dataguard is read-only.
  Active Dataguard is read-only.

  Dataguard logic can be read-write.

• Problem with ACS 4.2 database replication

  Greetings,

  I'm not able to replicate data between two ACS SE 4.2. I get the following error:

  Inbound replication of database of ACS 'ACS_BEX_001' denied - shared secret mismatch.

  Apparently, the configuration is ok. I enclose the configuration of these two ACS.

  Hello

  The problem you see are because of the Self entered on each ACS is set to 127.0.0.1.  For replication to work, you must set all 4 entries of ACS at the same shared secret, even the self ones.  The problem is when you try to change these entries, it will tell you that you can't use 127.0.0.1, but it also won't let you change the ip address.

  The bug Id for this problem is CSCso36620.  Workaround declares that the CLI, you can use the "set ip" command to put the IP address in the initial INVESTIGATION period and it should update the self entry in the GUI.  At this point, you should be able to update the secret shared on all 4 devices.

  Let me know if you have problems to make it work.

  Thank you

  Nevin

• ACS appliance 4.2 - database replication internal problem

  HelloW

  I'm yunchoul jung in Korea

  now I'm setting up ACS unit 1113 ver4.2

  in internal, primary and secondary database replication server ACS cannot repliacate the database due to the configuration of SELF (127.0.0.1) by default in the configuration of the network.

  so I have a guestion, how do I replace 127.0.0.1 address to the ip address you want or delete SELF (127.0.0.1) address

  I don't understand a procedure of solution in the documentation below.

  Thank you for your help in advance

  Problem: 127.0.0.1 is a reserved address

  You have two units of the ACS SE 1113 and replicate the database internal from the primary to the secondary.

  but you notice this error message in the secondary unit:

  Replication of database of ACS denied - incompatibility of secret shared incoming

  When you try to change the key of course AAA under Network Configuration Server error message is

  returned.

  This is due to a known bug,

  Symptom: 127.0.0.1 address appears in ACS and the replication fails

  Conditions:

  Install Acs S/W version 4.2.0.124

  Disable the network adapter

  Enable network card

  * Go to the network settings page.

  * Should see the AA server IP to be a return loop

  Workaround solution:

  For windows: remove the 127.0.0.1 entry

  For the device: back up the database, install ACS on windows, restore, delete

  the entry, make a backup and restore on the device

  http://Tools.Cisco.com/support/BugToolKit/search/getBugDetails.do?caller=pluginredirector&method=fetchBugDetails&bugId=CSCso39795

  Kind regards

  ~ JG

  Note the useful messages

• Adding to the ACS database replication

  I want to install a backup ACS4.1, the principal server has no replication of database configured on it.

  I would like to add this feature, because I have to make the primary and to replicate its database to the new backup box I put in place, to which I was able to add the feature during installation.

  So I guess my question is: how to add the functionality of replication of database on Cisco ASC4.1 - post install?

  Help, please

  Happy to help.

  Please mark the thread solved, so that others can enjoy

  Kind regards

  Prem

• ACS database does not not after having changed the secondary ip of acs.

  Hello.. Im having 2 ACS 3.1 server. ACS01 (primary) & ACS02 (secondary). We recently moved ACS02 to another site and has changed its ip address.

  When we of database replication from ACS01, we received the error message saying ACS02 has refused the request of replication.

  Any idea what can be the problem?

  Consider these elements when you implement the database replication feature Cisco Secure:

  (1) ACS supports only supported replication of database to other ACS servers. All ACS servers participating in the Cisco Secure database replication must run the same version and patch to FAC level.

  (2) the principal server copy compressed and encrypted the database on the secondary server components. This transmission is done via a connection TCP, Port 2000. The TCP session is authenticated and using an encrypted protocol, Cisco-owners.

  (3) only hosts properly configured, valid ACS can be secondary servers. To add a secondary server, configure it in the AAA servers table in the section of this document Network Configuration. When a server is added to the AAA servers table, the server is displayed for selection as a secondary server in the list of AAA servers as replication partners, on the Cisco Secure database replication page.

  (4) the principal server must be configured as an AAA server and must have a key. The secondary server must have a primary server configured as an AAA server and its key for the primary server must match the key primary servers.

  (5) secondary servers replication takes place sequentially in the order listed in the replication list under replication partners, on the Cisco Secure database replication page. (6) the secondary server that receives the replicated components must be configured to accept replication of database from the primary server. To configure a secondary server for database replication, refer to configuring a secondary Cisco Secure ACS Server of this document section.

  (7) ACS does not support two-way replication of database. The secondary server, which receives the replicated components, check that the primary server is not on its list of replication. If this is not the case, the secondary server accepts replicated components. If so, it rejects the components.

  (8) to replicate the seller of RADIUS defined by the user and the configurations of the specific attribute (VSA) provider successfully, definitions have to be replicated must be identical on the primary and secondary servers. This includes seller RADIUS slots occupy sellers RADIUS defined by the user. For more information on the sellers of the RADIUS and the VSA attributes defined by the user, see section User-Defined RADIUS vendors and VSA sets the document Cisco Secure ACS database command-line Utility.

• The ACS replication ports

  Hello all, I have two ACS 3.3 and I try to replicate but it does not work. The topology is something like this:

  ACS1<->PIX525<->RouterTelmex - Internet - RouterTelmex<->ASA5540<->ACS2

  I test a lot of things, and I guess that the problem is in ASA5540. So the question is: is anyone know which ports need to be opened in ASA5540 to allow replication? I know there must be opening of port 2000, but I think there must be some ports more.

  Thank you very much.

  Gabriel

  Hello Gabriel,

  I know, you only need port 2000 to open for replication of the ACS.

  BTW, did you skinny inspection enabled on the ASA. The ACS replication is running on port 2000 who also happens be the same port as the Skinny Protocol. Make sure that he lean on the two firewall inspection is disabled and see if you can get the replication.

  no correction protocol 2000 skinny

  I hope it helps.

  Kind regards

  Arul

  * Please note all useful messages *.

• ACS 3.2 (2) Build 5 replication problem

  Hi all

  There are two ACS servers, sits inside an ASA 5510 at Headquarters and the other is inside an ASA 5510 on the hot site.

  These 5510 s ASA have been developed to replace two 515Es PIX and the claim is that since the ASAs went replication has stopped working. Of course, it makes no sense to me because there is communication between the ACS server and the firewall is down not anything whenever "replicate now" is issued.

  Unfortunately, I dunno much about ACS then is there something I can look for to help troubelshoot it ACS newspapers say

  WARNING cannot replicate to '4' Server - server does not

  That doesn't help us much, this is a way to get more detailed info journal which could indicate a problem? Thank you.

  Hello

  ACS uses the port TCP/2000 for replication. This port is also used by the skinny Protocol, making the port used by the ACS replication process.

  Fails replication of the ACS from the primary to the secondary, primary school reported that he cannot contact the secondary, and secondary shows any replication of the primary activity.

  A firewall between the two servers, ACS is configured to inspect the skinny Protocol, which uses the same port (TCP/2000) that the ACS replication process.

  If you do not have a call manager behind your firewall, please disable

  Skinny inspect if it is enabled.

  #Under overall policy, take the skinny inspection out of the inspection_default #class.

  don't inspect skinny

  You need to do this on both sides.

  HTH

  JK

  Please evaluate the useful messages-

• ACS 5.3 should consider a local database, if the ad is inaccessible

  Dear support team

  We have ACS 5.x, integrated with AD and members are authenticated using AD user name or local user name

  configured on ACS.

  is it possible that ACS checks the local database only when AD is unreachable, customer doesn't want local database ACS to use as long as AD is available. It's the accounting requirements of their Department system.

  Thanks in advance for your time.

  Ahad

  You're right about everything except the last part, device Admin 1 and 2 are "Selection rules", so they'll be mapped according to their Conditions, if applications authentication is rule Eric the device Admin 1 then the ACS will stay with this service regardless of whether or not the DB is down, ACS will not return to the device Admin 2.

  The only option to use a second database where the primary is down is with identity store sequence, but this option will also use the second database if the primary DB is unable to find the user.

  Unfortunately, there is not an option at the moment to accomplish this objective with specific detail you need.

  Rate if this can help.