Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new article
1493
Views
0
Helpful
0
Comments

How to configure domain name stripping with Cisco Secure ACS

TCC_2
Level 10
Level 10

‎06-22-2009 05:06 PM - edited ‎02-21-2020 09:55 PM

Core issue

Domain name stripping in Cisco Access Control Server (ACS) is useful when there is a combination of Virtual Private Dialup Network (VPDN) and non-VPDN users connnecting to the network. When a username sent  to Cisco IOS  Software includes an "@" sign (as in username@website.com), and you need to  strip the domain name off the user's ID, you can use directed requests on the router or  the CiscoSecure software on the server.

The first time the users log in, the user name is autopopulated in ACS.  Since a user may come in as "DOMAIN\user" or as "user," names may appear in ACS as "DOMAIN\user" or as "user," resulting in both entries in the database. The duplicate entries can be avoided  by using domain stripping, where the prefix domain with the delimiter "\" can be erased to  have a consistent database.

Resolution

For more information on configuring domain stripping, refer these documents:

Labels:
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents