cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
495
Views
0
Helpful
1
Replies
Highlighted

ACS 5.x Identity Store Sequence and Token validation

Hello

We have a ACS 4.3.2 installed with users authenticating against an Active Directory database. The AD database not only authenticate the users but also assigns the group that is used to select IP address pool.

Now the requirements require to use token authentication with SafeNet. This authentication uses the same username but the password is composed of the original password + OTP.

The problem is that the SafeNet server doesn't return the group membership.

I've read about the Identity Store Sequence in ACS 5.x and I think I could use it in the following sequence:

! configure an Authentication Sequence using the SafeNet token server (this works with ACS 4.x)

I configure an Attribute Retrieval Sequence against the AD database. This would use the username only, no password and would retrieve the group membership.

Would this work?

Thanks in advance.

Everyone's tags (6)
1 REPLY 1
Rising star

ACS 5.x Identity Store Sequence and Token validation

Yes. I think it would. Let me know if any issues in doing this