Ben,
That's actually what I ended up doing last night. I made a snapshot of my VM
with the blank ACS config on it, and restored that snapshot point in ESX.
Worked like a charm.
Regards,
Jay McMickle- 3x CCNP (R&S,Security,Design), CCIE #35355 (R&S)
________________________________
From: Ben Shaw <[email protected]>
To: Jay McMickle <[email protected]>
Cc: "[email protected]" <[email protected]>; CCIE Security Maillist
<[email protected]>
Sent: Tuesday, September 11, 2012 1:55 AM
Subject: Re: [OSL | CCIE_Security] Factory Default ACS 4.2
Hey Matt
what I find is the easiest is to make the ACS server a VM with everything
installed in a fresh/blank ready to go state and then just create a copy of the
VM anytime you need a fresh install and run that copy. I use ESX server for
this and its easy to clone the virtual disk and when done the whole machine is
back to how it was originally with a blank desktop, ACS install etc.
Ben
On Tue, Sep 11, 2012 at 3:09 PM, Jay McMickle <[email protected]> wrote:
Matt,
>I had to dig back through my trash to find this email thread, but I ran into
>the same need tonight. The answer is that you can wipe the user accounts, but
>not the Network device database.
>
>I needed to wipe my ACS server in between Mock labs, and I didn't want to go
>through the pain of wiping or reinstalling it. In the end, I gave up and just
>reinstalled it. I now have the fresh empty databse if you want to email me
>directly and I'll shoot it to you.
>
>C:\Program Files\CiscoSecure ACS v4.1\bin>csutil -n
>CSUtil v4.1(4.13), Copyright 1997-2007, Cisco Systems Inc
>Creating a new database will destroy the existing one.
>The persistent logged-on user list will also be destroyed.
>Are you sure you want to proceed? (Y or N)Y
>Initializing database....
>Done
>
>
>http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.0/user/guide/ae.html
> Creating an ACS Internal Database
>You can use the -n option to create an ACS internal database. The -n option
>empties the user table and shared profile components table, initializes user,
>group, and network access profiles, and creates a new database.
>________________________________
>
>Note Using the -n option requires that you stop the CSAuth service. While
>CSAuth is stopped, no users are authenticated.
>________________________________
>
>________________________________
>
>Caution Using the -n option erases all user information in the ACS internal
>database. Unless you have a current backup or dump of your ACS internal
>database, all user accounts are lost when you use this option.
>________________________________
>
>To create an ACS internal database:
>________________________________
>
>Step 1 If you have not performed a backup or dump of the ACS internal
>database, do so now before proceeding. For more information about backing up
>the database, see Backing Up ACS with CSUtil.exe.
>Step 2 On the computer that is running ACS, open an MS-DOS command prompt and
>change directories to the directory containing CSUtil.exe. For more
>information about the location of CSUtil.exe, see Location of CSUtil.exe and
>Related Files.
>Step 3 If the CSAuth service is running, type:
>net stop csauth
>Press Enter.
>The CSAuth service stops.
>Step 4 Type:
>CSUtil.exe -n
>Press Enter.
>CSUtil.exe displays a confirmation prompt.
>Step 5 To confirm that you want to initialize the ACS internal database, type
>Y and press Enter.
>The ACS internal database is initialized. This process may take a few minutes.
>
>Step 6 To resume user authentication, type:
>net start csauth
>Press Enter.
>________________________________
>
>
>
>Regards,
>Jay McMickle- 3x CCNP (R&S,Security,Design), CCIE #35355 (R&S)
>
>
>
>From: Jay McMickle <[email protected]>
>To: "[email protected]" <[email protected]>
>Cc: Matt Hill <[email protected]>; CCIE Security Maillist
><[email protected]>
>Sent: Saturday, September 1, 2012 8:36 AM
>Subject: Re: [OSL | CCIE_Security] Factory Default ACS 4.2
>
>
>I agree.
>
>
>Jay McMickle- CCIE #35355 (R&S) | Sr. Network and Security Architect,
>Technical Lead
>Baker Hughes | Global Core Network, Voice and Security Services
>Office: 281.209.7961 | Fax: 281.209.7966
>Cell: 713.591.8825 | [email protected]
>http://www.bakerhughes.com | Advancing Reservoir Performance
>Sent from my iPad, secured with Cisco Anyconnect
>
>On Sep 1, 2012, at 6:37 AM, Alexei Monastyrnyi <[email protected]> wrote:
>
>
>if you backup your ACS right after installation and then restore from this
>copy, it should give you some sort of "factory defaults"
>>
>>HTH
>>A.
>>
>>
>>
>>On 9/1/2012 1:59 PM, Matt Hill wrote:
>>
>>Hi Everyone, Is there any way (apart from a reimage/reinstall) to factory
>>default
an ACS 4.2 install? I cant seem to find it easily. Cheers,
Matt CCIE #22386
CCSI #31207
_______________________________________________
For more information regarding industry leading CCIE Lab training, please visit
http://www.ipexpert.com/ Are you a CCNP or CCIE and looking for a job? Check
out http://www.platinumplacement.com/
>>
>_______________________________________________
>>For more information regarding industry leading CCIE Lab training, please
>>visit http://www.ipexpert.com/
>>
>>Are you a CCNP or CCIE and looking for a job? Check out
>>http://www.platinumplacement.com/
>
>
>_______________________________________________
>For more information regarding industry leading CCIE Lab training, please
>visit www.ipexpert.com
>
>Are you a CCNP or CCIE and looking for a job? Check out
>www.PlatinumPlacement.com
>
_______________________________________________
For more information regarding industry leading CCIE Lab training, please visit
www.ipexpert.com
Are you a CCNP or CCIE and looking for a job? Check out
www.PlatinumPlacement.com
