Security

Hi,

Just upgraded my cppn dev server to 6.6 from 6.5.5 which seemed to go fairly easily. However ....

 

I wanted to sync my configs on the dev server with our production cluster running 6.5.4. I therefor spent a while exporting various configs from 6.5.4 to 6.6. The 1st thing I found was that the RADIUS VSA for HP are now for Hewlet-Packard-Enterprise!. While settings on the dev server were migrated o.k. importing screwed up coz VSA vendor HP didn't exist any more.

 

Importing devices from 6.5.4 -> 6.6. failed  so I had to edit the xml file to get the vendor into the right format .... which also failed because some of the devices already existed.

 

Howeve the thing I'm stuck with is the fact that although I seem to have imported some authentication sources successfully and they're visible and accessible from the gui, none of them seem to work. Also when I try to delete any of them I get a message saying

 

Authorization Source get_mac_info - 010615 is not present

I know its there because I can view/edit it. I've tried rebooting the server but stiil says this. Is it possible to delete a data source from the cli?

 

Rgds

Alex

 

It is correct that between ClearPass 6.5 and ClearPass 6.6 the RADIUS dictionaries were renamed from HP to Hewlett Packard Enterprise; and I can imagine that importing backups from older versions (or newer versions) may result into these kind of issues.

 

If you still have these issues, please open a TAC case, as TAC has tools for deeper database access to resolve this.

Hi
It's o.k. had to rebuild the dev server back to 6.5 ->6.5.4 ( prodn
server), resync config to production service so just upgraded to 6.5.5 and
then to 6.6.6 so stuff sorted. However was good to know when I bite the
bullet and upgrade the production service.
A