Chapter 9 System Configuration: Advanced
RDBMS Synchronization
9-30
User Guide for Cisco Secure ACS for Windows Server
78-16592-01
Figure 9-2 RDBMS Synchronization
CSDBSync reads each record from the accountActions table and updates the
CiscoSecure user database as specified by the action code in the record. For
example, a record could instruct CSDBSync to add a user or change a user
password. In a distributed environment, a single Cisco Secure ACS, known as the
senior synchronization partner, accesses the accountActions table and sends
synchronization commands to its synchronization partners. In Figure 9-2, Cisco
Secure Access Control Server 1 is the senior synchronization partner and the other
two Cisco Secure ACSes are its synchronization partners.
Note The senior synchronization partner must have AAA configurations for each
Cisco Secure ACS that is a synchronization partners. In turn, each of the
synchronization partners must have a AAA server configuration for the senior
partner. Synchronization commands from the senior partner are ignored if the
Cisco Secure ACS receiving the synchronization commands does not have a AAA
server configuration for the senior partner.
CSDBSync both reads and writes (deletes records) in the accountActions table.
After CSDBSync processes each record, it deletes the record from the table. This
requires that the database user account that you configure the system DSN to use
must have both read and write privileges.
For more information about CSDBSync or other Windows services used by
Cisco Secure ACS, see Chapter 1, “Overview”.
67474
Cisco Secure
Access Control
Server 2
Cisco Secure
Access Control
Server 1
accountActions
Third Party
RDBMS
ODBC
Cisco Secure
Access Control
Server 3