Description
Upgrading to 8.6 disables previously existing "Network Device Roles" that assign an access value and/or CLI to devices in Topology based on role. This is due to the database not handling the device role entries properly upon upgrade.
Symptoms include:
- Network Device Roles are missing
- New network device role policies are unable to be created
- Devices provisioned network access based upon one of these Network Access Policies are moved to the default VLAN
Scope
Version: 8.5 and lower
Solution
Workaround: Contact Support for assistance in clearing the behavior.
Solution: Addressed in version 8.6.2
Upon upgrade, the existing network device roles are given an invalid ID of -1.
Workaround:
In Control Server CLI, change the value of the existing rows with ID of -1 to be valid:
mysql bsc -e "update RoleMapping set RoleMapping.LOGICAL_NETWORK_ID = NULL where LOGICAL_NETWORK_ID < '0'"
This restores the roles and network device role policies. Upon the next L2 poll, affected hosts should be placed into the correct VLAN.