cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
914
Views
0
Helpful
1
Replies

ACS 5.x Identity Store Sequence and Token validation

fernando_garcia
Level 1
Level 1

Hello

We have a ACS 4.3.2 installed with users authenticating against an Active Directory database. The AD database not only authenticate the users but also assigns the group that is used to select IP address pool.

Now the requirements require to use token authentication with SafeNet. This authentication uses the same username but the password is composed of the original password + OTP.

The problem is that the SafeNet server doesn't return the group membership.

I've read about the Identity Store Sequence in ACS 5.x and I think I could use it in the following sequence:

! configure an Authentication Sequence using the SafeNet token server (this works with ACS 4.x)

I configure an Attribute Retrieval Sequence against the AD database. This would use the username only, no password and would retrieve the group membership.

Would this work?

Thanks in advance.

1 Reply 1

jrabinow
Level 7
Level 7

Yes. I think it would. Let me know if any issues in doing this