Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ACS 4.2 new Domain

Hello!

I need to add new domain in my Windows DB configuration on ACS. I just need to add new domain from "Configure Domain List" ? After that add manual mapping groups from AD to groups in ACS?

Also, what does it mean -

"Submitting the configuration changes removes the dynamic users linked to the database." That all users now connected will be remowed?

Thanks for help!

2 REPLIES
Cisco Employee

Re: ACS 4.2 new Domain

No thats means ACS will not show the dynamically mapped user under users list unless they disconnet and authenticate again via ACS. It will remove all the dynamically mapped user from the ACS ( users exist on AD).


Dynamic user: If the user does not exist in the CS ACS local database, CS ACS marks that user as unknown and checks for an unknown user policy. If the unknown user policy is to fail the user, CS ACS fails the user. Otherwise, if external database is configured, CS ACS forwards that information to the configured external user database. CS ACS tries each external user database until the user succeeds or fails.If the authentication is successful, the user information goes into the cache of CSACS, which has a pointer for using the external user database. This user is known as a dynamic user.

The next time the dynamic user tries to authenticate, Cisco Secure ACS authenticates the user against the database that was successful the first time. These cached user entries are used to speed up the authentication process. Dynamic users are treated in the same way as known users.

HTH

JK


Do rate helpful posts-

~BR Jatin Katyal **Do rate helpful posts**
New Member

Re: ACS 4.2 new Domain

Thank you very much, now I know what does it mean Dynamic User.

And what about new domain in DB?

568
Views
5
Helpful
2
Replies