Re: Adding Users on Cisco Secure ACS Solution Engine 3.3

spbench · ‎10-10-2005

We have a large block of userids we need to add to our ACS 3.3 Solution Engine into the CiscoSecure User Database. When using the web-based GUI, it looks like you can only add one user at a time. Is there anyway to add users as a block with some type of command line, or is there a utility that will add users and also copy user options? It would be helpful if in the Add/Edit user panel, there was the ability to copy settings from a previously installed user definition.

andrewclymer · ‎10-11-2005

You certainly can, there are two utilities to choose from csutil and CSDBSync

csutil is some what limited in what you are able to set, just basic username,password type and group membership

CSDBSync offers more choice allowing setting of filters and RADIUS attributes.

Pick one method, let me know and I'll show you how to build the appropriate import file

spbench · ‎10-11-2005

I'm not sure that csutil would setup all the parameters I need, so I would have to choose CSDBSync. Tacacs is used and not Radius. I need the user to initially be configured disabled, specify his/her real name and description, assign the user to a group, assign a PAP password and confirmation, use group settings for callback, client ip address assignment, and max sessions, establish a date to automatically disable the account, provide no enable privileges, and set a Tacacs+ Outbound password.

andrewclymer · ‎10-18-2005

Attached is an example csv file to use for CSDBSync to create a user, disable it and add a T+ outbound password. Enable priv is disabled by default.

jhillend · ‎11-03-2005

Please note that because of the lack of CLI access on the Cisco Secure ACS Solution Engine, the CSUtil utility is not available. That leaves only RDBMS Synchronization.