disable caching ACS dynamic users

Answered Question
Mar 5th, 2009
User Badges:

Hi all!


I have an ACS 3.3(2)b2 what use AD as an external DB. I experianced, that dynamic users created after successful authentication from the AD, and these users don't purge themself from the ACS internal DB. I did a test environment, and the same thing happened. I upgraded the ACS to 4.0, and the same thing happened.

I find a mention in the ACS4.0 user guide, what says the following:


"Users that are dynamically mapped will keep on being dynamically mapped even when their group

mapping settings are modified to a group which is set to Disable caching of dynamically mapped users."


So my question is, where can I disable caching of dynamically mapped users?


Thanks a lot for the answers!


By(e)

Miki

Correct Answer by Ivan Martinon about 8 years 1 month ago

Miki,


This is a feature that is added on ACS 4.2 see the release notes below:


http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.2/release/notes/ACS42_RN.html#wp90436


Option of disabling caching of dynamic users-Administrators can determine whether they want to disable the creation of dynamic users while using an external database for authentication. Minimal performance disruption occurs when disabling caching of dynamic users.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
Ivan Martinon Thu, 03/05/2009 - 09:18
User Badges:
  • Cisco Employee,

Miki,


This is a feature that is added on ACS 4.2 see the release notes below:


http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.2/release/notes/ACS42_RN.html#wp90436


Option of disabling caching of dynamic users-Administrators can determine whether they want to disable the creation of dynamic users while using an external database for authentication. Minimal performance disruption occurs when disabling caching of dynamic users.

miklos.andrasi Mon, 03/09/2009 - 06:56
User Badges:

Hi Jack!


I was out of office, but now I tried it, and this function does what I need to. The authentication from the external DB is succesfully, but after it ACS doesn't create a new (dynamic) user in its internal DB.

I don't know why it is a new feature, but it very usefull I think.


Thank you for the answers! This issue is solved!


By(e)

Miki

Actions

This Discussion