Guest

CiscoWorks Common Services Software

CSM 4.3 Users Cannot Log In to CSM Client Applications After Upgrade

Document ID: 116211

Updated: Jun 26, 2013

Contributed by David Houck, Cisco TAC Engineer.

   Print

Introduction

This document describes issues you might encounter after you upgrade to the Cisco Security Manager Version 4.3 (CSM 4.3). It also discusses the Role-Based Access Control (RBAC) issues you might encounter when you log in to CSM Client Applications. While this document focuses on CSM 4.3, the same problem and solutions might apply to other CSM versions that use the 4.3 Local-RBAC feature as well.

Problem

Once you upgrade to CSM 4.3, you receive this error when you log in to CSM client applications:

116211-problem-CSM-01.gif

This happens when any Local RBAC Authentication, Authorization, and Accounting (AAA) Mode is selected:

116211-problem-CSM-02.png

If the AAA Mode Setup is Local RBAC, CSM 4.3 implements native RBAC for non-Cisco Secure Access Control Server (ACS) AAA Modes. This means that any user who logs in is checked for a role against the Common Services Local User list.

Solution 1

The best practice is to add users to the Common Services Local Users list and assign them to the proper roles. You can do this in the Local User Setup section in Common Services. You can also find it in the CSM Configuration Manager in Tools > CSM Administration > Server Security.

You can log in to the CSM Client with the administrator account that was set up with CSM at the initial installation of the original version.

116211-problem-CSM-03.png

Solution 2

There is a check box in Tools > CSM Administration > Server Security > that allows login for user IDs that are not available in the Local User Database.

You can log in to the CSM Client with the administrator account that was set up with CSM at the initial installation of the original version.

116211-problem-CSM-04.png

Related Information

Updated: Jun 26, 2013
Document ID: 116211