Cached Users in ACS 4.1

yaminazim · ‎03-05-2007

Hi-

How long Cached Users(Users whose accounts were automatically added to the Cisco Secure ACS database when Cisco Secure ACS successfully authenticated them using the Unknown User Policy) remains in ACS if the user is inactive? I have noticed in my case some of the users accounts will recreated?

Is there is any way to hardcode all my cached accounts to ACS permanently?

Thanks in Advance

Yamin

akemp · ‎03-06-2007

"Is there is any way to hardcode all my cached accounts to ACS permanently?"

No, thats not how it works. A cached account is created from an external authentication attempt or rule is met. Thats entirely different from a static account where you enter in a user name and password on the local system. You can create those accounts locally, but then they transition from a chaced to a static account.

yaminazim · ‎03-07-2007

Thanks So much for your feedback.

darpotter · ‎03-06-2007

There is... but you will have to enter them into the ACS database manually, or via csutil import or RDBMS Sync.

Basically there are two types of external users - those added manually (ie above) or those added automagically via the unknown user policy.

Its probably possible to dump the exsiting db vi csutil, edit the accounts to unset the auto-created flag then re-import. Might be able to help out here if you needed it.

Darran

at · ‎03-07-2007

hi,

can i do this also with the acs solution engine ?

thank you

alex

darpotter · ‎03-07-2007

In part... you can use rdbms sync to add users with external password types.

You cant use csutil.