Contents
xx
Cisco Secure ACS 3.0 for Windows 2000/NT Servers User Guide
78-13751-01, Version 3.0
Configuring an AXENT Token Server External User Database
AXENT 11-55
Configuring an RSA SecurID Token Server External User Database 11-56
Deleting an External User Database Configuration 11-58
CHAPTER
12 Administering External User Databases 12-1
Unknown User Processing 12-1
Known, Unknown, and Cached Users 12-2
General Authentication Request Handling and Rejection Mode 12-3
Authentication Request Handling and Rejection Mode with the
Windows NT/2000 User Database 12-4
Windows Authentication with a Domain Specified 12-4
Windows Authentication with Domain Omitted 12-5
Performance of Unknown User Authentication 12-6
Added Latency 12-6
Authentication Timeout Value on AAA clients 12-6
Network Access Authorization 12-7
Unknown User Policy 12-7
Database Search Order 12-8
Configuring the Unknown User Policy 12-8
Turning off External User Database Authentication 12-9
Database Group Mappings 12-10
Group Mapping by External User Database 12-10
Creating a Cisco Secure ACS Group Mapping for a Token Server, ODBC
Database, or LEAP Proxy RADIUS Server Database 12-12
Group Mapping by Group Set Membership 12-13
Group Mapping Order 12-13
No Access Group for Group Set Mappings 12-14