Cisco Systems 3.3 Vendor and VSA Set Definition

D-35

User Guide for Cisco Secure ACS for Windows Server

78-16592-01

Appendix D CSUtil Database Utility

User-Defined RADIUS Vendors and VSA Sets

Vendor and VSA Set Definition

Each RADIUS vendor/VSA import file must have one vendor and VSA set

section. The section header must be “[User Defined Vendor]”. Table D-8 lists

valid keys for the vendor and VSA set section.

Table D-7 RADIUS VSA Import File Section Types

Section Required Number Description

Vendor and

VSA set

definition

Yes 1 Defines the RADIUS vendor and VSA set. For more

information, see Vendor and VSA Set Definition, page D-35.

Attribute

definition

Yes 1 to 255 Defines a single attribute of the VSA set. For more

information, see Attribute Definition, page D-36.

Enumeration No 0 to 255 Defines enumerations for attributes with integer data types.

For more information, see Enumeration Definition,

page D-38.

Table D-8 Vendor and VSA Set Keys

Keys Required

Value

Required Description

Name Yes Vendor

name

The name of the RADIUS vendor.

IETF Code Yes An integer The IETF-assigned vendor number for this vendor.

VSA n (where

n is the VSA

number)

Yes—you

can define

1 to 255

VSAs

Attribute

name

The name of a VSA. For each VSA named here, the file

must contain a corresponding attribute definition section.

Note Attribute names must be unique within the

RADIUS vendor/VSA import file, and within the

set of all RADIUS attributes in Cisco Secure ACS.

To facilitate this, we recommend that you prefix the

vendor name to each attribute name, such as

“widget-encryption” for an encryption-related

attribute for the vendor Widget. This also makes

accounting logs easier to understand.