Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search instead for
Did you mean:
How to configure domain name stripping with Cisco Secure ACS
Domain name stripping in Cisco Access Control Server (ACS) is useful when there is a combination of Virtual Private Dialup Network (VPDN) and non-VPDN users connnecting to the network. When a username sent to Cisco IOS Software includes an "@" sign (as in email@example.com), and you need to strip the domain name off the user's ID, you can use directed requests on the router or the CiscoSecure software on the server.
The first time the users log in, the user name is autopopulated in ACS. Since a user may come in as "DOMAIN\user" or as "user," names may appear in ACS as "DOMAIN\user" or as "user," resulting in both entries in the database. The duplicate entries can be avoided by using domain stripping, where the prefix domain with the delimiter "\" can be erased to have a consistent database.
For more information on configuring domain stripping, refer these documents: