Shulou(Shulou.com)06/01 Report--

Backup = =

Acs/admin#acs backup acs repository acsre is commonly used

Restore, which will deactivate the service and take a long time to initialize

Acs restore * .gpg repository acsre

=

Backup / restore backup restores everything, deactivates the service, and restarts the server

Acs-ms/admin# backup ftp repository ppp-back up all data

% backup in progress: Starting Backup...10% completed

% Creating backup with timestamped filename: ftp-160415-0138.tar.gpg

Please enter backup encryption password [8-32 chars]:

Please enter the password again:

% backup in progress: Backing up ADEOS configuration...55% completed

Calculating disk size for / opt/backup/backup-ftp-1460684335

Total size of backup files are 16 M.

Max Size defined for backup files are 3880 M.

% backup in progress: Moving Backup file to the repository...75% completed

% backup in progress: Completing Backup...100% completed

Acs-main/admin# debug transfer 7 * commonly used for troubleshooting

Acs-main/admin# debug copy 7

Acs-main/admin# acs backup adconfig repository ftp-backup application data

6 [7102]: transfer: cars_xfer.c [admin]: ftp copy out of / opt/backup/backup-adconfig-160518-1708-1463562496/adconfig-160518-1708.tar.gpg requested

6 [7102]: transfer: cars_xfer_util.c [586] [admin]: curl version: libcurl/7.16.2 OpenSSL/0.9.7a zlib/1.2.1.2 libidn/0.5.6

7 [7102]: transfer: cars_xfer_util.c [admin]: full url is ftp://192.168.159.1/adconfig-160518-1708.tar.gpg

ACS backup file 'adconfig-160518-1708.tar.gpg' successfully copied to repository 'ftp'

The file name is automatically marked during the day.

Acs backup xx rep ftp / pay attention to backing up data over 32m with FTP, otherwise a transmission error may occur.

Acs-ms/admin# show backup history View backup History

Acs-ms/admin# show restore history View restore History

Reload restarts ACS server

F12 enters the boot menu

Mkdir disk:/backup

Dir * View file directory

Show disks * class linux-ls-l

Show application status acs * View the status of application services

ACS role: PRIMARY

Normally it is running.

Process' database' running

Process' management' running

Process' runtime' running

Process' ntpd' running

Process' view-database' running

Process' view-jobmanager' running

Process' view-alertmanager' running

Process' view-collector' running

Process' view-logprocessor' running

Patch installation patch====

Acs patch install 5-3-0-40-xx.tar.gpg repository repository-name

Acs-sec/admin# acs patch install 5-3-0-40-xx.tar.gpg repository ftp

Installing ACS patch requires a restart of ACS services. Continue? (yes/no) yes

Stopping ACS.

Stopping Management and View...

Stopping Runtime.

Stopping Database....

Cleanup.

Stopping log forwarding.

Installing patch version '5.3.0.40.xxx'

Installing ADE-OS 2.0 patch. Please wait...

About to install files

Removing old war

Removing old war

Removing old war

Removing old war

Removing old war

Removing old war

Removing old war

Removing old war

Monit daemon with pid [4812] killed

.Starting monit daemon with http interface at [localhost:2812]

This patch includes security fixes which requires ACS server reboot. It is highly recommended to proceed with reboot

Do you want to reboot the server? Y/N: y

You have choosen to reboot the server, Rebooting...

Broadcast message from root (pts/0) (Thu May 19 16:40:37 2016):

The system is going down for reboot NOW!

/ opt/CSCOacs/patches/5-3-0-40-xx

Patch'5-3-0-40-10 'version' 5.3.0.40.10 'successfully installed

ACS is already running.

Upgrading an ACS Deployment from 5.3 to 5.5

Note When you upgrade from ACS 5.3to ACS 5.5using the "Reimaging and Upgrading an ACS Server method

You must install patch 8 or a subsequent patch before you start upgrading to ACS 5.5.

Note When you upgrade from ACS 5.3to 5.5using the "Upgrading an ACS server using the ApplicationUpgrade Bundle" method

It is mandatory to install the following patches one by one in the order specified:

1 Install ACS 5.3 patch 8 (ACS 5.3.0.40.8) or a subsequent patch. You need to install patch 8 or a subsequent patch prior to the upgrade or the upgrade may fail.

2 Install the "Pointed-PreUpgrade-CSCum04132-5.3.0.40" patch over patch 8 or a subsequent patch before you start upgrading from ACS 5.3 version.

Bugs: https://bst.cloudapps.cisco.com/bugsearch/bug/CSCum04132/?referring_site=bugquickviewredir

The problems that may occur after the upgrade are not available in ssh

It is recommended that the operation be upgraded in the console operation. If it occurs, make the latest patch, operate under console, and shut down the sshd service. This method may not be feasible.

=

4.upgrade notice that the file name ends with .tar.gz -!

Application upgrade ACS_5.3.tar.gz repository-name = be careful not to press any keys to wait for restart after operation

ACS displays the following confirmation message:

Do you want to save the current configuration? (yes/no) [yes]?

Step 3 Enter yes.

When the ACS upgrade is complete, the following message appears:

% CARS Install application required post install reboot...

The system is going down for reboot NOW!

Application upgrade successful

From the Monitoring and Report Viewer, choose Monitoring Configuration > System Operations > Data Upgrade Status.

The Data Upgrade Status page appears, indicating the status of the Monitoring and Report Viewer data upgrade.

When the database upgrade completes, ACS displays the following message:

Upgrade completed successfully. After the upgrade, confirm that this status is successful!

View the log

Show logg app

AcsLogForward.log

Acsupgrade.log.1

Show acs-log filename xxx corresponds to the log file name to view the detailed log content.

Before show tech upgrade, check whether the space size / storeddata is enough to extract the upgrade package.

Show version view version information

Acs5.5 or above, cli password is limited to 8 or more digits.

ACS default password Policy

Password-policy

Lower-case-required

Upper-case-required

Digit-required

No-username

Disable-cisco-passwords

Min-password-length 6 length

Password-lock-enabled locks up for 10 minutes by default

Password-lock-retry-count 5 times

Acs-sec/admin# acs reset-config 5.3 needs to be reset to change the serial number. After 5.5, there is no need to reset.

This command deletes the current ACS configuration

And resets the ACS configuration to factory defaults.

Cisco recommends that you perform a backup before you execute this command.

Are you sure you want to reset the configuration now? (yes/no) yes

Stopping ACS.

Stopping Management and View..

Stopping Runtime.

Stopping Database....

Stopping Ntpd...

Cleanup...

Resetting configuration to factory defaults.

Starting ACS....

To verify that ACS processes are running, use the

'show application status acs' command.

Secure Access Control System (ACS 5.x and later) Troubleshooting

Http://www.cisco.com/c/en/us/support/docs/security/secure-access-control-system/113485-acs5x-tshoot.html

ACS 5.2 backup 5.3 backup & restore

Http://www.cisco.com/c/en/us/support/docs/security/secure-access-control-system/113639-ptn-113639.html

5.3 to 5.5 Manifest file not found in the bundle problem solution

Http://www.cisco.com/c/en/us/support/docs/security/secure-access-control-system/200333-Troubleshoot-Manifest-file-not-found-Err.html#anc6

Patch pack download

Https://software.cisco.com/download/release.html?mdfid=283883841&release=5.3.0.40&softwareid=282766937

Links to the official website are all available.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.