18-11
User Guide for Cisco Secure Access Control System 5.4
OL-26225-01
Chapter18 Managing System Ad ministration Configurations
Managing Dictionaries
Configuring Internal Identity Attributes
Table18-10 describes the fields in the internal <users | hosts> identity attributes.
Table18-10 Identity Attribute Properties Page
Option Description
General
Attribute Name of the attribute.
Description Description of the attribute.
Attribute Type
Attribute Type (Optional) Use the drop-down list box to choose an attribute type. Valid options are:
String—Populates the Maximum Length and Default Value fields in the page. When y ou
select String as the attribute type and enter a non-null value for a user, the user is
authenticated against the ID store with the name that matches the already set value, for the
attribute that is shown in the user details (ACS-RESERVED-Authen-ID-Store).
Unsigned Integer 32—Populates the Valid Range From and To fields in the page.
IP Address—Populates the Default Value field in the page. This can be either IPv4 or IPv6
addresses.
Boolean—Populates the Default Value check box in the page. When you set the value of the
Boolean attribute as true, it overrides the global settings for the password expiration policy
and deactivates the policy (ACS-RESERVED-Never-Expired).
Date—Populates the Default Value field and calendar icon in the page.
Enumeration—Populates the ID and Value fields and the Add, Edit, Replace, and Delete
buttons.
Maximum Length (Optional) For the String attribute type only. Enter the maximum length of your attribute. The
valid range is from 1 to 256. (Default = 32)
Value Range (Optional) For the Unsigned Integer attribute type only.
From—Enter the lowest acceptable integer value. The valid range is from 0 to 2^31-1
(2147483647). This value must be smaller than the Valid Range To value.
To—Enter the highest acceptable integer value. The valid range is from 0 to 2^31-1
(2147483647). This value must be larger than the Valid Range From value.
Default Value Enter the default value for the appropriate attribute:
String—Up to the maximum length. (Follow the UTF-8 standard.) You can use the letters a
to z, A to Z, and the digits 0 to 9.
Unsigned Integer 32—An integer in the range from 0 to 2^31-1 (21 47483647).
IP Address —Enter the IP address you want to associate with this attribute, in this format:
IPv4 address—x.x.x.x, where x.x.x.x is the IPv4 address (no subnet mask)
IPv6 address—x:x:x:x:x:x:x:x, where x:x:x:x:x:x:x:x i s the IPv6 address (no subnet
mask)
Date—Click the calendar icon to display the calendar pop-up and select a date.
Boolean Value—Select True or False.