Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ACS Single user fro Authorisation. Proxy for Authentication

I am using a 3661 as a RAS solution. I would like to use Cisco ACS to authorise all users with one user name, and then proxy the authentication off to RSA SecurID. This is so I only have to add users to one database and not both. However I only get it to work if all the users are in both the ACS and SecurID. ACS seems to pass the username on to SecurID even though I am using a post dial window that ask for the username seperately.

Any help would be very much appreciated.

1 REPLY
New Member

Re: ACS Single user fro Authorisation. Proxy for Authentication

I'm assuming that you are using CiscoSecure ACS NT. You don't need to create the username in the ACS database. What you can do is create a policy in the Unknow User database. Go to External User Databases -> click on "Unknown User Policy" -> check " Check the following external user databases". You should see the ACE server under "External databases", select it and click the arrow pointing to the box labelled "Selected Database", then submit. Once you've done this, you will no longer need to add the user in ACS.

Assuming you're running the latest ACS code. Have a look at the following URLs:

http://www.cisco.com/univercd/cc/td/doc/product/access/acs_soft/csacs4nt/csnt30/user/d.htm#xtocid2783344

http://www.cisco.com/univercd/cc/td/doc/product/access/acs_soft/csacs4nt/csnt30/user/q.htm

117
Views
0
Helpful
1
Replies
CreatePlease login to create content