|
|
These release notes are for the URT 1.2.1 release. They include the information previously in the URT 1.2 release notes. Read this information before installing URT, and use it in combination with the Using the User Registration Tool manual.
These release notes provide the following information:
Use these publications to learn how to install and use URT:
Note The online help and hardcopy manual have not been updated for URT 1.2.1. This release note is included in the online help in Help>What's New in URT 1.2.1. Due to the changes in URT 1.2.1, some information in the online help is no longer correct. Information in this release note overrides the information in the online help and manual.
These sections describe the new features in the URT 1.2.x releases:
These capabilities have been added to URT for release 1.2.1:
Note With 2900XL and 3500XL switches that are clustered, URT configures VMPS on the cluster's command switch. If the command switch becomes unavailable, URT cannot manage logins for clients connected to the other switches in the cluster (the command switch manages VMPS for the other switches in the cluster). When you resolve the availability problem with the command switch, URT will work properly again. If you cannot resolve the command switch problem, you must configure VMPS on each switch in the cluster to regain URT management of logins.
Note The Release IP Address on the Logout option does not work on Windows 2000 clients. The Windows 2000 clients cannot release their IP address during logout.
You can use host registration with any client that has a MAC address that is directly connected to a supported switch (for example, UNIX, Linux, and Apple Macintosh).
Note URT's support for Windows 2000 and Active Directory were tested on Microsoft's RTM (Release to Manufacturing) version of Windows 2000. If there are significant changes to the final version of Windows 2000, these changes might affect URT's support for Windows 2000 and Active Directory. Cisco will work to resolve any issues related to changes in Windows 2000 from RTM to the commercially available version.
These capabilities have been added to URT for release 1.2:
| Caution URT 1.2.1 works only with the CWSI Campus 2.3 or 2.4 application suite that is included with CiscoWorks2000. Do not attempt to use URT 1.2.1 with any other version of CWSI or CWSI Campus. You must install CiscoWorks2000 CWSI Campus before installing URT. |
Read the planning and installation information in the Using the User Registration Tool manual before installing URT. For URT 1.2.1, the installation process no longer asks whether you want to continue to use MAC-based (host-based) VLAN associations. URT 1.2.1 automatically enables MAC-to-VLAN mappings.
This section describes the host-based dynamic VLAN support incorporated in URT 1.2.1. Host-based VLANs use MAC addresses instead of user names to determine the VLAN assignment.
URT's main capability is to assign users to VLANs. This allows you to develop VLAN-based services and ensure that users always get the expected services. As users move from machine to machine in your network, URT can identify the user based on user name and make the appropriate VLAN assignment.
However, URT does not support user-based assignment on all computers. In some cases, such as UNIX, this is because a single machine can support multiple simultaneous users, whereas the associated switch port can be in only one VLAN at a time. In other cases, there is not an appropriate network login that can be captured by the URT client.
Host registration allows you to assign VLANs based on a host's media access control (MAC) address, which is the number associated with the network interface card (NIC) in the computer. Because the VLAN mapping is based on MAC address, it is the host that is mapped to a VLAN, not the user.
However, if you have a one-to-one correspondence between users and hosts (that is, users do not move between hosts), then host registration and user registration will provide essentially identical network policy control. Also, because the VLAN is based on the host's MAC address rather than the switch port, you can move the host to a different port (for example, move a laptop between buildings) and make the desired VLAN assignment.
Host registration is the same capability as switch-based dynamic VLANs using CiscoWorks2000 User Tracking and Catalyst 5000 switch VMPS servers.
You can use host registration with any host that is directly attached to a port on a supported switch. You cannot use host registration with hosts attached to hubs, unsupported switches, or routers.
With host registration, you can include Macintosh, Linux, UNIX, and other types of hosts in your dynamic VLAN planning. You can also use host registration with Windows machines, even if the Windows version supports user registration.
User registration always takes precedence over host registration. URT applies VLAN assignments in this priority order:
1. User name—If you assign a specific VLAN to a user name, that VLAN is used.
2. NT or Active Directory group, or NDS organizational unit membership—If a user name does not have an assigned VLAN, and the user name is a member of an NT or Active Directory group, or NDS organizational unit, URT uses the VLAN assigned to the group or organizational unit (if there is one).
3. MAC address—If a user name does not have a VLAN assignment, and the user name is not a member of a group or organizational unit that has a VLAN assignment, then URT uses the VLAN assigned to the MAC address of the machine (host registration).
Note For clients that do not support user registration, only the MAC address VLAN assignment is checked.
4. Logon VLAN—If there are no VLAN assignments for user name, group name, organizational unit, or MAC address, the user remains in the logon VLAN.
In many cases, you do not have a choice between user and host registration. If you want to use dynamic VLANs for hosts that do not support user registration, you must use host registration.
For those clients that support both user and host registration (Windows 95, Windows 98, Windows NT 4.0, and Windows 2000), consider these points when deciding between user and host registration:
Using the User Registration Tool describes the interaction between URT and User Tracking. With URT 1.2.1, there is increased interaction.
Each time you start URT, URT reads the User Tracking tables. Any new MAC address-to-VLAN mappings in User Tracking are added to the URT MAC Address list in the folder pane. However, if a MAC address already has a VLAN assignment in URT, any assignment for that address in User Tracking is ignored. Thus, when you start managing a MAC address in URT, you must continue managing it within URT (unless you explicitly remove it from URT).
If you make new mappings in User Tracking while URT is running, you can import that new mapping into URT by selecting the MAC address folder in URT and then selecting View>Refresh. All new non-conflicting mappings are added to URT.
When URT reads the User Tracking tables, URT also obtains a list of discovered MAC addresses. When you add a MAC-to-VLAN mapping in URT, URT presents you with a list of these discovered but unmapped addresses. To get an up-to-date list of MAC addresses, Cisco recommends that you do a discovery in User Tracking before starting URT when you intend to work with MAC addresses.
These sections describe the tasks for implementing host registration:
The list of MAC addresses in the main URT window displays only MAC addresses for which there are VLAN mappings. Although URT is aware of all MAC addresses discovered in the network by CiscoWorks2000 User Tracking, you can add only those addresses for which you are creating mappings to the main window list.
URT automatically adds any MAC addresses that have been mapped to VLANs in User Tracking to the URT main window.
Before you start URT to create MAC-to-VLAN mappings, start the CiscoWorks2000 User Tracking application and do a host discovery. User Tracking will collect data on all the MAC addresses it can find in your network. URT displays this information so that you can select MAC addresses from a list. By priming the list of MAC addresses, you will not need to manually enter the MAC addresses.
Select the MAC Addresses folder in the URT folder pane and click the Add button (or select Edit>Add).
URT opens the Host Association window (Figure 1). URT displays all unmapped MAC addresses found by User Tracking in the Discovered MACs list. If a MAC address is already mapped to a VLAN, it is not displayed in the list (mapped MAC addresses are only displayed in the main URT window).
Step 2 Select the MAC addresses you want to map to a particular VLAN in the list of discovered addresses, and click Add>> to add them to the selected MACs list. You can map more than one address at a time, but all MAC addresses in the selected MACs list are mapped to the same VLAN.
You can scroll through the list of addresses quickly by typing the MAC address into the Enter a MAC address field (this is shown in Figure 1). As you type, URT scrolls through the list of discovered MACs to the next address that matches what you have typed. Eventually, the address you are looking for will be highlighted, unless it is an undiscovered address.
If the desired address is not in the discovered MACs list, enter the entire MAC address in the edit box and click Add>> to add it to the selected list. URT does not require that User Tracking discover the MAC address.
You must use hyphens to separate the bytes in the MAC address; you cannot use colons.
Step 3 When you have selected all of the MAC addresses you want to map to the same VLAN, select the VTP domain and the desired VLAN and click OK.
You can change the VLAN mappings for any host that has a mapping, whether the mapping was made in URT or User Tracking.
URT opens the Associate VLAN window.
Step 2 In the Associate VLAN window, select the desired VTP domain and VLAN and click OK.
If you no longer want to use host registration with a host, delete its mappings in URT.
Step 2 Select Edit>Delete.
URT deletes the MAC address and its VLAN mappings.
Note If you delete all the VLAN associations for a MAC address, the MAC address will not show up in the tree.
If you want to use switch-based VMPS servers rather than URT servers to manage host registration, you can still use the URT interface to create the host-based VLAN mappings.
When you save the URT database, URT creates a vmps10.dat file in the dat folder in the URT installation folder on the URT server machines. See the Catalyst 5000 documentation for information on implementing switch-based VMPS using this file.
You can now remove ClientService from Win9x clients by using the command UrtClientUninstall.bat from the PDC.
Step 2 Execute @start %WINDIR%\\urt\\UrtClientUninstall.bat
URT 1.2.1 includes a command that you can use to add user-to-VLAN or host-to-VLAN mappings from the command line. This is primarily useful if you have an automated method of creating a text file with your required mappings. You can pipe this text file into the urt command, thus creating mappings using a batch process.
The urt.bat file resides in the bin subdirectory of the CWSI root directory.
The syntax of the urt command is:
You can get help information by entering urt -help.
Here are some additional tips to troubleshooting URT. For more tips, see the troubleshooting chapter in Using the User Registration Tool.
(a). Try to start CiscoWorks2000 CWSI Campus. If CWSI Campus cannot start, the ANI connection problem is due to a CiscoWorks2000 problem.
(b). If you can successfully start CWSI Campus, make sure that you installed the URT CWSI Upgrade package.
(c). If you installed the CWSI Campus package, make sure that you are using the same ANI server name in CWSI Campus and in URT.
For CWSI Campus, you can find the ANI server name in the etc\cwsi\ani.properties file. Look for the AniName parameter.
For URT, you can find the ANI server name in the HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\urtsvc registry entry. Look for the Args parameter.
If the names are different, rerun the URT installation program and enter the correct CWSI Campus ANI server name when prompted.
The user guide and online help for URT was not updated for 1.2.1. A number of changes made in release 1.2.1 have made certain statements in the 1.2 documentation incorrect. This section describes these changes.
Known problems are unexpected behaviors or defects in the product. They are graded according to severity level. These release notes contain information for severity levels 1 and 2 only.
You can search for known problems on the Cisco bug tracking system tool, called Bug Navigator II. To access Bug Navigator II, do one of the following:
Table 1 describes restrictions or other known issues for using URT.
Table 1 URT 1.2 Known Problems
Cisco Connection Online (CCO) is Cisco Systems' primary, real-time support channel. Maintenance customers and partners can self-register on CCO to obtain additional information and services.
Available 24 hours a day, 7 days a week, CCO provides a wealth of standard and value-added services to Cisco's customers and business partners. CCO services include product information, product documentation, software updates, release notes, technical tips, the Bug Navigator, configuration notes, brochures, descriptions of service offerings, and download access to public and authorized files.
CCO serves a wide variety of users through two interfaces that are updated and enhanced simultaneously: a character-based version and a multimedia version that resides on the World Wide Web (WWW). The character-based CCO supports Zmodem, Kermit, Xmodem, FTP, and Internet e-mail, and it is excellent for quick access to information over lower bandwidths. The WWW version of CCO provides richly formatted documents with photographs, figures, graphics, and video, as well as hyperlinks to related information.
You can access CCO in the following ways:
For a copy of CCO's Frequently Asked Questions (FAQ), contact cco-help@cisco.com. For additional information, contact cco-team@cisco.com.
Note If you are a network administrator and need personal technical assistance with a Cisco product that is under warranty or covered by a maintenance contract, contact Cisco's Technical Assistance Center (TAC) at 800 553-2447, 408 526-7209, or tac@cisco.com. To obtain general information about Cisco Systems, Cisco products, or upgrades, contact 800 553-6387, 408 526-7208, or cs-rep@cisco.com.
Cisco documentation and additional literature are available in a CD-ROM package, which ships with your product. The Documentation CD-ROM, a member of the Cisco Connection Family, is updated monthly. Therefore, it might be more current than printed documentation. To order additional copies of the Documentation CD-ROM, contact your local sales representative or call customer service. The CD-ROM package is available as a single package or as an annual subscription. You can also access Cisco documentation on the World Wide Web at http://www.cisco.com, http://www-china.cisco.com, or http://www-europe.cisco.com.
If you are reading Cisco product documentation on the World Wide Web, you can submit comments electronically. Click Feedback in the toolbar and select Documentation. After you complete the form, click Submit to send it to Cisco. We appreciate your comments.
Posted: Wed May 14 10:47:18 PDT 2003
All contents are Copyright © 1992--2003 Cisco Systems, Inc. All rights reserved.
Important Notices and Privacy Statement.
Select the address and click the Associate VLAN button.