Cisco Systems 3.3 EAP-TLS Procedure Output

Chapter 13 User Databases

ODBC Database

13-68

User Guide for Cisco Secure ACS for Windows Server

78-16592-01

Note Because Cisco Secure ACS performs authentication for EAP-TLS, the user

password is not an input (Table 13-4).

The input name is for guidance only. A procedure variable created from it can

have a different name.

EAP-TLS Procedure Output

The stored procedure must return a single row containing the non-null fields.

Table 13-5 lists the procedure results Cisco Secure ACS expects as output from

stored procedure.

Table 13-6 EAP-TLS Stored Procedure Input

Field Type Explanation

CSNTusername String 0-64 characters

Table 13-7 EAP-TLS Stored Procedure Results

Field Type Explanation

CSNTresult Integer See Table 13-8 Result Codes.

CSNTgroup Integer The Cisco Secure ACS group number for authorization. 0xFFFFFFFF is

used to assign the default value. Values other than 0-499 are converted to

the default.

Note The group specified in the CSNTgroup field overrides group

mapping configured for the ODBC external user database.

CSNTacctInfo String 0-15 characters. A customer-defined string that Cisco Secure ACS adds to

subsequent account log file entries.

CSNTerrorString String 0-255 characters. A customer-defined string that Cisco Secure ACS

writes to the CSAuth service log file if an error occurs.