EasyManua.ls Logo

Cisco CSACS-1121-K9 - Show Debug-Adclient; Reset-Management-Interface-Certificate

Cisco CSACS-1121-K9
190 pages
Save Page as PDF
Print Icon
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
A-109
CLI Reference Guide for the Cisco Secure Access Control System 5.1
OL-18996-01
Appendix A ACS Command Reference
ACS Configuration Commands
When you issue this command, the ACS server performs the following process:
1. For first-time management interface certificate reset:
a. Disconnects the association of the invalid certificate with the management interface.
The disconnected invalid certificate remains in the database.
b. Creates a new self-signed certificate with the subject name host--reset.
c. Associates the new self-signed certificate with the management interface.
2. For subsequent resets (for an existing certificate with the subject name host--reset):
a. Disconnects all the associations (the management interface, external policy server, and EAP
server associations from the invalid certificate).
b. Creates a new self-signed certificate with the subject name host--reset.
c. Associates the new self-signed certificate with the management interface and establishes the
connections between the new certificate and external policy and EAP servers.
In the subject name of the certificate host--reset, host refers to the ACS server name. If the hostname is
lnx-01, then the certificate’s subject name would be lnx-01--reset.
Examples Example 1 – Success
acs/admin(config-acs)# reset-management-interface-certificate
Resetting ACS Management Interface Certificate...
Management Interface Certificate Reset Completed.
acs/admin(config-acs)#
Example 2 – Failure
acs/admin(config-acs)# reset-management-interface-certificate
Resetting ACS Management Interface Certificate...
Failed to Reset Management Interface Certificate.
See the logs for more details
acs/admin(config-acs)#
show debug-adclient
To display the debug logging status for an Active Directory client, use the show debug-adclient
command in the ACS Configuration mode. Any user, irrespective of role, can issue this command.
show debug-adclient
Syntax Description No arguments or keywords.
Defaults No default behavior or values.
Command Modes ACS Configuration

Table of Contents

Related product manuals