Security

Hello,

 

We've been prepping an upgrade from Amigopod to CPPM for some time now and due to several issues, it's been some time since we've imported the Amigopod backup into CPPM. 

 

We've worked on making modifications and testing everything, so the last thing to do at cutover would be to do an export and import of the devices and accounts.

 

The issue I'm seeing is that the exported XML (or CVS) from Amigopod imports all the accounts as accounts.  The XML on the new version of Amigopod has a lot more fields.

 

Is there a script or way to convert the exported XML of Amigopod so it can be imported into CPPM and create the devices and accounts as on the old system?

 

We don't want to do an import from backup since last time, we've 'broke' several of the changes we did.  Unless there's a specific option that we would need to select?

 

Thanks in advance.

su_A_ve,

 

Did you take a look at the "Migrating from Amigopod" document here?  http://support.arubanetworks.com/Documentation/tabid/77/DMXModule/512/EntryId/7961/Default.aspx

Hi,

If you are referring to the amigo pod to clear pass 6.1 migration tech
note, this is what we originally followed.

We've since updated the new clear pass to 6.4.5 and when we tried to
do an import again based on the tech note, it broke. Somehow every
user was able to log in as admin, then when we fixed it, they could
not manage their own devices and other funny things. This was support
who helped us with this - they thought it might be issues with trying
to do so in 6.4,5, so we had to revert to backups.

Hence we want to only import the accounts and devices in guest, same
as the endpoints in clear pass (this worked fine).

Since the exported XML of amigo pod is similar to the csv export - the
import makes devices into accounts, I was looking for a script or
format that I could manually import a bunch of devices. This might
also help in the future if I need to quickly add some other devices in
bulk

Now, the import from backup - could I just import the devices an
accounts? Which option would I select?

Or spin up a 6.1, import from amigo pod and then export in XML?

TIA

---
°(((=((===°°°(((===============

Honestly,

 

The Migration guide was written when it was possible to do a fairly straightforward migration from Amigopod to ClearPass.  It was intended to get the influx of users who used Amigopod for years to migrate safely for the majority of their use cases.   As time went on,  the ClearPass paradigm has changed, less and less will be able to automatically upgraded using that procedure, especially if you have a significant amount of data in there.  Moving forward you have three options:

 

- Continue to work with TAC and escalate to see what can really be done with what you have

- Hire Professional Services to do the migration so that you can just say what you want done, and they take responsibility for it

- Start from scratch with ClearPass.  You will have to create new workflows anyway so that might be an opportunity to get rid of redundant or possibly unused data and get your users used to new workflows.  Some of the older workflows were completely replaced by new ones and the data is stored and presented differently, so it might lend itself to easy migration.  Allow the new workflows to generate new data in the new system.  You can even run them side by side for awhile.

 

 

 

Ran out of time tonight, but it's literally ready to go.  The biggest problem was indeed brining back the guests and devices from Amigopod.  By importing them as CSV or XML, all devices would go in as guest accounts.

 

Next, when we imported from the Amigopod backup, selecting only to restore the RADIUS DB, they entries imported and got split accordingly.  However, the devices MAC addresses imported without dashes, and hence CPPM would not authenticate them.

 

After a lot of back and forth, TAC helped with splitting the exported CSV into two (guests and devices) and showed that we needed to add a column for the devices.  That would correctly import the CSV as devices.  

 

Finally, with some Excel formulas, converted all MAC addresses to dashed delimited and imported these.