Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

disable caching ACS dynamic users

Hi all!

I have an ACS 3.3(2)b2 what use AD as an external DB. I experianced, that dynamic users created after successful authentication from the AD, and these users don't purge themself from the ACS internal DB. I did a test environment, and the same thing happened. I upgraded the ACS to 4.0, and the same thing happened.

I find a mention in the ACS4.0 user guide, what says the following:

"Users that are dynamically mapped will keep on being dynamically mapped even when their group

mapping settings are modified to a group which is set to Disable caching of dynamically mapped users."

So my question is, where can I disable caching of dynamically mapped users?

Thanks a lot for the answers!

By(e)

Miki

  • AAA Identity and NAC
1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: disable caching ACS dynamic users

Miki,

This is a feature that is added on ACS 4.2 see the release notes below:

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.2/release/notes/ACS42_RN.html#wp90436

Option of disabling caching of dynamic users-Administrators can determine whether they want to disable the creation of dynamic users while using an external database for authentication. Minimal performance disruption occurs when disabling caching of dynamic users.

4 REPLIES
Cisco Employee

Re: disable caching ACS dynamic users

Miki,

This is a feature that is added on ACS 4.2 see the release notes below:

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.2/release/notes/ACS42_RN.html#wp90436

Option of disabling caching of dynamic users-Administrators can determine whether they want to disable the creation of dynamic users while using an external database for authentication. Minimal performance disruption occurs when disabling caching of dynamic users.

New Member

Re: disable caching ACS dynamic users

Oh, Thank You!

I will try it.

Miki

New Member

Re: disable caching ACS dynamic users

Have you given this a try? What has been your experience? According to the notes it mentions it disables the actual creation (which I find hard to believe) and that's different from disabling the caching of dynamic users.

New Member

Re: disable caching ACS dynamic users

Hi Jack!

I was out of office, but now I tried it, and this function does what I need to. The authentication from the external DB is succesfully, but after it ACS doesn't create a new (dynamic) user in its internal DB.

I don't know why it is a new feature, but it very usefull I think.

Thank you for the answers! This issue is solved!

By(e)

Miki

351
Views
0
Helpful
4
Replies
This widget could not be displayed.