ACS 4.2 Question about the Logs

Unanswered Question
Mar 4th, 2009

We use ACS quite abit in form of mapping back to AD for the user database, which can be some what cryptic in the ACS logs of trying to figure out who a username really is. There is a column for 'Real Name', has anyone figure out how to incorporate AD's userfield of Real Name to show up in the ACS log?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
darpotter Thu, 03/05/2009 - 00:29

ACS doesnt pull any data back from AD such as real name etc.

It does (or used to) populate the "External DB Info" field with the name of the authenticating domain.

If you need that level of audit it probably wouldnt be too hard to script an export of the user information from AD, format appropriately for RDBMS Sync and push it into ACS.

RDBMS Sync action code 1 can set the User Define Fields, eg

Action,UN,VN,V1,V2,AI

1,fred,USER_DEFINED_FIELD_0,Fred Jones,TYPE_STRING,APP_CSAUTH

Full info on RDBMS Sync at http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.1/user/A_RDBMS.html

Assuming auditing your ACS logs is important to you... take a look at http://www.extraxi.com. We have tools for log harvesting and reporting!

Actions

This Discussion