cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
682
Views
0
Helpful
4
Replies

disable caching ACS dynamic users

miklos.andrasi
Level 1
Level 1

Hi all!

I have an ACS 3.3(2)b2 what use AD as an external DB. I experianced, that dynamic users created after successful authentication from the AD, and these users don't purge themself from the ACS internal DB. I did a test environment, and the same thing happened. I upgraded the ACS to 4.0, and the same thing happened.

I find a mention in the ACS4.0 user guide, what says the following:

"Users that are dynamically mapped will keep on being dynamically mapped even when their group

mapping settings are modified to a group which is set to Disable caching of dynamically mapped users."

So my question is, where can I disable caching of dynamically mapped users?

Thanks a lot for the answers!

By(e)

Miki

1 Accepted Solution

Accepted Solutions

Ivan Martinon
Level 7
Level 7

Miki,

This is a feature that is added on ACS 4.2 see the release notes below:

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.2/release/notes/ACS42_RN.html#wp90436

Option of disabling caching of dynamic users-Administrators can determine whether they want to disable the creation of dynamic users while using an external database for authentication. Minimal performance disruption occurs when disabling caching of dynamic users.

View solution in original post

4 Replies 4

Ivan Martinon
Level 7
Level 7

Miki,

This is a feature that is added on ACS 4.2 see the release notes below:

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.2/release/notes/ACS42_RN.html#wp90436

Option of disabling caching of dynamic users-Administrators can determine whether they want to disable the creation of dynamic users while using an external database for authentication. Minimal performance disruption occurs when disabling caching of dynamic users.

Oh, Thank You!

I will try it.

Miki

Have you given this a try? What has been your experience? According to the notes it mentions it disables the actual creation (which I find hard to believe) and that's different from disabling the caching of dynamic users.

Hi Jack!

I was out of office, but now I tried it, and this function does what I need to. The authentication from the external DB is succesfully, but after it ACS doesn't create a new (dynamic) user in its internal DB.

I don't know why it is a new feature, but it very usefull I think.

Thank you for the answers! This issue is solved!

By(e)

Miki

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: