Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

RDBMS functionalities

Hi All,

Is it possible to create an LDAP database configuration and the related db group mapping via RDBMS on ACS windows version (Release 4.0(1) Build 27)?

What I'm trying to do is maintaing the ACS configuration dynamically up to date with an external Oracle DB.

Thank and Best Regards,

Leo

2 REPLIES
Silver

Re: RDBMS functionalities

If I understand it right, you want to authenticate via LDAP but do group mapping from ODBC?

This isnt possible with ACS as group mapping is performed by the external authenticator - in your case LDAP.

However, your last sentance about maintaining groups via ODBC is possible using the RDBMS Sync feature of ACS. Refer to

http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_user_guide_chapter09186a008052e972.html#wp756992

Darran

New Member

Re: RDBMS functionalities

In our environment we'll be having users authenticating via the internal ACS DB and others via LDAP.

The ones authenticating via LDAP will be divided in different groups and for each group we'll have an LDAP DB config in ACS.

LDAP sends the OK to ACS only if the user to be authenticated exists in the "User Directory Subtree" AND belongs to the "Group Directory Subtree", right? But once ACS got the OK it has to know how to deal with the user, giving him access to devices he can access, and rights. This task is done with "External User Databases -> Database Group Mappings", and it's what I'd like to do automatically with RDBMS.

Is my understanding of the LDAP authentication process wrong? If yes, what do I exaclty do wrong?

If I'm not wrong, will this work with RDBMS?

Thanks

141
Views
0
Helpful
2
Replies
CreatePlease login to create content