Manage Credential Profiles
Credential profiles are collections of credentials for SNMP, Telnet, SSH, HTTP, and other network protocols. You can have multiple protocols and credentials in a single credential profile.
Using credential profiles lets you automate device configuration changes and monitoring, and communicate with providers. When you add or import devices, or create providers, you specify the credential profile.
From the Credential Profiles window, you can create a new credential profile, update the settings configured for an existing profile, or delete a profile. To open this window, choose from the main menu.
Item | Description |
---|---|
1 |
Click to add a credential profile. See Create Credential Profiles. |
Click to edit the settings for the selected credential profile. See Edit Credential Profiles. |
|
Click to delete the selected credential profile. See Delete Credential Profiles. |
|
Click to import new credential profiles from a CSV file. You can also download a CSV file template by clicking this icon. The template includes sample data that you can use as a guide for building your own CSV file. See Import Credential Profiles. |
|
Click to export credential profiles to a CSV file. See Export Credential Profiles. |
|
2 |
Click to refresh the Credential Profiles window. |
Click to choose the columns to make visible in the Credential Profiles window. |
|
3 |
Click to set filter criteria on one or more columns in the Credential Profiles window. |
Click the Clear Filter link to clear any filter criteria you may have set. |
Create Credential Profiles
Follow the steps below to create a new credential profile. You can then use the profile to apply credentials consistently when you add new devices or providers. You can add as many protocols and corresponding credentials to the profile as you want.
If you have many credential profiles to add, you may find it more efficient to put the information in a CSV file and import the file. See Import Credential Profiles.
When creating device credential profiles that contain SNMP credentials, Cisco recommends that the profile contains credentials for the version of SNMP enabled on the device, and that version only. For example: If SNMPv3 is not enabled in the device configuration, do not include SNMPv3 credentials in the device credential profile.
If you plan to use the import and export features and CSV files to create credential profiles in bulk, please note that:
-
All the characters in each password or community string entry in every credential profile exported to a CSV file are replaced with asterisks (Export Credential Profiles).
-
You cannot import credential profiles if the passwords and community strings in the CSV file are blank (see Import Credential Profiles).
To maintain network security, Cisco recommends that you use asterisks in place of real passwords, and community strings in any CSV file you plan to import. After the import, follow the steps in Edit Credential Profiles to replace the asterisks with actual passwords and community strings.
Procedure
Step 1 |
From the main menu, choose . |
||||||||||||||||||||||||
Step 2 |
Click . |
||||||||||||||||||||||||
Step 3 |
In the Profile Name field, enter a descriptive profile name. The name can contain a maximum of 128 alphanumeric characters, plus dots (.), underscores ("_") or hyphens ("-"). No other special characters are allowed. If you will have many credential profiles, make the name as informative as possible because that information will be displayed on the Credential Profiles panel. |
||||||||||||||||||||||||
Step 4 |
Select a protocol from the Connectivity Type dropdown. |
||||||||||||||||||||||||
Step 5 |
Complete the credentials fields described in the following table. The required and optional fields displayed varies with the connectivity type you chose. The values you enter must match the values configured on the device.
|
||||||||||||||||||||||||
Step 6 |
(Optional) Click + Add Another and repeat the previous steps, as needed, for all other protocols and corresponding credentials you want to add to this credential profile. |
||||||||||||||||||||||||
Step 7 |
Click Save. |
Import Credential Profiles
Complete the steps below to create a CSV file that specifies multiple credential profiles and then import it into the Cisco Crosswork application.
Importing credential profiles from a CSV file adds any profiles not already in the database. You cannot import a credential profile that already exists.
If you are re-importing a credential profile CSV file that you previously exported and modified, remember that all the passwords and community strings in the exported credential profile CSV file are replaced with asterisks. You cannot re-import an exported credential profile CSV file with blank passwords. To maintain security, Cisco recommends that you use asterisks in place of real passwords and community strings in the CSV file. After the import, follow the steps in Edit Credential Profiles to replace the asterisks with actual passwords and community strings.
Procedure
Step 1 |
From the main menu, choose . |
Step 2 |
Click to open the dialog box. |
Step 3 |
If you have not already created a credential profile CSV file to import: |
Step 4 |
Click Browse to navigate to the CSV file you just created and then click Open to select it. |
Step 5 |
With the CSV file selected, click Import. The credential profiles you imported should now be displayed in the Credential Profiles window. |
Edit Credential Profiles
A credential profile can be shared by multiple devices, even hundreds of devices in a large network. Complete the following procedure to edit credential profile settings.
Before editing any credential profile, it is always good practice to export a CSV backup of the profiles you want to change (see Export Credential Profiles).
Procedure
Step 1 |
From the main menu, choose . |
Step 2 |
From the left-hand side of the Credential Profiles window, select the profile you want to update, and click . |
Step 3 |
Make the necessary changes and then click Save. |
Export Credential Profiles
Exporting credential profiles stores all the profiles you selected in a CSV file. This is a quick way to make backup copies of your credential profiles. You can also edit the CSV file as needed, and re-import it to add new or modify credential profile data.
The exported credential profiles CSV file does not contain real passwords or community strings. All the characters in the passwords and community strings entries in the credential profiles are replaced with asterisks in the exported CSV file. If you plan on modifying your exported CSV file and then re-importing it, Cisco recommends that you use asterisks in place of real passwords and community strings. After the import, follow the steps in Edit Credential Profiles to replace the asterisks with actual passwords and community strings.
Procedure
Step 1 |
From the main menu, choose . |
Step 2 |
(Optional) In the Credential Profiles window, filter the credential profile list as needed. |
Step 3 |
Check the check boxes for the profiles you want to export. Check the check box at the top of the column to select all the profiles for export. |
Step 4 |
Click . Depending on your browser, you will be prompted to select a path and file name to use when saving the CSV file, or to open it immediately |
Delete Credential Profiles
Follow the steps below to delete a credential profile.
Note |
You cannot delete a credential profile that is associated with one or more devices or providers. |
Procedure
Step 1 |
Export a backup CSV file containing the credential profile you plan to delete (see Export Credential Profiles). |
Step 2 |
Check whether any devices or providers are using the credential profile you plan to delete. You can do this by filtering on the Credential Profile column, which is available on both the Devices window (choose ) and the Providers window (choose ). |
Step 3 |
Reassign the devices or providers to a different credential profile (for help with this task, see Change the Credential Profile for Multiple Devices and Edit Providers). |
Step 4 |
After all devices and providers have had their credential profiles reassigned: From the main menu, choose . |
Step 5 |
In the Credential Profiles window, choose the profile that you want to delete and then click . |
Change the Credential Profile for Multiple Devices
If you want to change the credential profile for a large number of network devices, you may find it more efficient to make the change by editing a devices CSV file. The basic method is:
-
Export a CSV file containing the devices whose credential profiles you want to change (see Export Device Information to a CSV File).
-
Edit the CSV file, changing the credential profile for each device (this credential profile must already exist). Save the edited file.
You will need to make sure that the credential profile to which you are changing already exists. If you have not yet created that credential profile, the CSV import will fail. The credential profile you associate with these devices must also have the authorization credentials for every protocol that was configured for these devices during onboarding. If any credential for a specific protocol configured on the devices is missing from or incorrect in the credential profile, then the CSV import will succeed, but reachability checks will fail for these devices.
Procedure
Step 1 |
From the main menu, choose . |
Step 2 |
Choose the devices whose credential profiles you want to change. Your options are:
|
Step 3 |
Edit and save the new CSV file using the tool of your choice. Be sure to enter the correct credential profile name in the Credential Profile field for each device. |
Step 4 |
Click . |
Step 5 |
In the Import dialog box, click Browse, choose the new CSV file, and click Import. |