Cisco 3.3 User Manual

Page 336

Advertising
background image

Chapter 9 System Configuration: Advanced

CiscoSecure Database Replication

9-8

User Guide for Cisco Secure ACS for Windows Server

78-16592-01

In its AAA Servers table, a primary Cisco Secure ACS must have an
accurately configured entry for each secondary Cisco Secure ACS.

Note

If you intend to use cascading replication to replicate network
configuration device tables, you must configure the primary
Cisco Secure ACS with all Cisco Secure ACSes that will receive
replicated database components, regardless of whether they receive
replication directly or indirectly from that primary Cisco Secure
ACS. For example, if the primary Cisco Secure ACS replicates to two
secondary Cisco Secure ACSes which, in turn, each replicate to two
more Cisco Secure ACSes, the primary Cisco Secure ACS must have
AAA server configurations for all six Cisco Secure ACSes that will
receive replicated database components.

In its AAA Servers table, a secondary Cisco Secure ACS must have an
accurately configured entry for each of its primary Cisco Secure ACSes.

On a primary Cisco Secure ACS and all its secondary Cisco Secure
ACSes, the AAA Servers table entries for the primary Cisco Secure ACS
must have identical shared secrets.

Only suitably configured, valid Cisco Secure ACSes can be secondary
Cisco Secure ACSes. To configure a secondary Cisco Secure ACS for
database replication, see

Configuring a Secondary Cisco Secure ACS,

page 9-17

.

Replication only occurs when the database of the primary Cisco Secure ACS
has changed since the last successful replication, regardless of how frequently
replication is scheduled to occur. When a scheduled or manually started
replication begins, the primary Cisco Secure ACS automatically aborts
replication if its database has not changed since the last successful
replication.

Tip

You can force replication to occur by making one change to a user or group
profile, such as changing a password or modifying a RADIUS attribute.

Replication to secondary Cisco Secure ACSes takes place sequentially in the
order listed in the Replication list under Replication Partners on the
CiscoSecure Database Replication page.

Advertising