
Using Cisco Secure ACS 3.3 with an external ODBC connection with Access

dpatkins
Level 1

My original goal is to have some ability of user management with our wireless authentication. Currently, we go through the local database on ACS, but we cannot manage these users to any great extent. My plan is to set up a test network where I am using ACS 3.3 with an external ODBC connection. My external database will be Microsoft Access 2003. My questions are: how do I set up the tables in my database so that they will match the tables in the ACS? I need to make sure that I have the "last time" an account was accessed in this database. I also want to know what I would look at in the ACS server that would tell me that this is all working properly. Thanks

Dwane

2 Replies

drolemc
Level 6

You could look at the possibility of using LEAP Authentication. Cisco LEAP can work with any ODBC that uses MS-CHAP passwords. You could refer to the white paper at http://www.cisco.com/en/US/netsol/ns339/ns395/ns176/ns314/networking_solutions_white_paper09186a00800b469f.shtml

mwilgus
Level 1

The way you organize the user data in your ODBC database is completely at your discretion, so long as the query you write for CHAP authentication (which is what LEAP authentication with ODBC is from ACS's perspective) can return the required results to ACS. In brief, a table that has a record per user and stores the user's password should do the trick.

As far as correlating user accounts to network access, you should look into using ODBC logging. With the ODBC logging data stored in the same DB that ACS accesses for authentication, you should be able to write reports that will extract the info you need.

To check whether authentication is succeeding or not, the Passed Authentications and Failed Attempts logs will record whether an authentication attempt fails or succeeds. If it fails due to an ODBC connection problem, there should be some indication of this. You might also keep an eye on the logs for the CSAuth service and, if you implement ODBC logging, the CSLog service.

Relevant user guide URLs:

http://www.cisco.com/univercd/cc/td/doc/product/access/acs_soft/csacs4nt/acs33/user/d.htm#wp355442

http://www.cisco.com/univercd/cc/td/doc/product/access/acs_soft/csacs4nt/acs33/user/r.htm#wp551202
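
The "last time an account was accessed" report described in the reply above, as an added example that is not part of the original thread and is not Cisco's schema. It assumes a one-record-per-user table and a passed-authentication log table in the same database; the table names, column names and sample rows are hypothetical, and SQLite stands in for Access so the query can be run offline.

```python
import sqlite3
from datetime import datetime, timedelta

# Hypothetical schema: names are assumptions, not the ACS ODBC log layout.
SCHEMA = """
CREATE TABLE wlan_users (username TEXT PRIMARY KEY, chap_password TEXT NOT NULL);
CREATE TABLE passed_auth_log (username TEXT NOT NULL, logged_at TEXT NOT NULL, nas_ip TEXT);
"""

# One row per user; LEFT JOIN keeps accounts that never authenticated (NULL).
LAST_ACCESS_SQL = """
SELECT u.username, MAX(l.logged_at) AS last_access
FROM wlan_users AS u
LEFT JOIN passed_auth_log AS l ON l.username = u.username
GROUP BY u.username
ORDER BY u.username
"""

def build_sample_db():
    """In-memory database filled with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    db.executemany("INSERT INTO wlan_users VALUES (?, ?)", [
        ("alice", "example-pw-1"), ("bob", "example-pw-2"), ("carol", "example-pw-3"),
    ])
    db.executemany("INSERT INTO passed_auth_log VALUES (?, ?, ?)", [
        ("alice", "2005-03-01 08:15:00", "192.0.2.10"),
        ("alice", "2005-03-20 17:40:00", "192.0.2.10"),
        ("bob", "2005-01-05 09:00:00", "192.0.2.11"),
    ])
    return db

def last_access(db):
    """Return {username: time of last passed authentication, or None}."""
    return dict(db.execute(LAST_ACCESS_SQL).fetchall())

def stale_accounts(db, as_of, max_idle_days):
    """Accounts with no passed authentication in the last max_idle_days."""
    cutoff = (as_of - timedelta(days=max_idle_days)).strftime("%Y-%m-%d %H:%M:%S")
    return sorted(u for u, ts in last_access(db).items() if ts is None or ts < cutoff)

if __name__ == "__main__":
    db = build_sample_db()
    for user, ts in last_access(db).items():
        print(f"{user:8} {ts or 'never'}")
    print("stale:", stale_accounts(db, datetime(2005, 3, 21), 30))
```

The same `LEFT JOIN ... GROUP BY` report can be saved as a query in the database itself; accounts that show up as never used or long idle are candidates for review or disabling.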