Chapter11 Working with User Databases
CiscoSecure User Database
11-2
Cisco Secure ACS 3.0 for Windows 2000/NT Servers User Guide
78-13751-01, Version 3.0
CiscoSecure User Database
The CiscoSecure user database is the database internal to Cisco Secure ACS. The
CiscoSecure user database draws information from a number of data sources,
including a memory-mapped, hash-indexed file, VarsDB.MDB (in Microsoft Jet
database format), and the WindowsNT /2000 Registry. The memory-mapped,
hash-indexed file uses an index and tree structure, so searches can occur
logarithmically rather than linearly, thus yielding very fast lookup times. This
enables the CiscoSecure user database to authenticate users quickly. See
Figure 11-1 on page 11-3.
Unless you have configured Cisco Secure ACS to authenticate users with an
external user database, Cisco Secure ACS uses usernames and passwords in the
CiscoSecure user database during authentication. If you have configured the
Unknown User policy, CiscoSecure ACS does not rely on a username and
password in the CiscoSecure user database for authentication. For more
information about the Unknown User Policy feature, see the Unknown User
Processing section on page 12-1. If you have configured specific user accounts
to use an external user database to authenticate those users, Cisco Secure ACS
uses information from the specified external user database to perform
authentication. For more information about specifying an external user database
for authentication of a user, see the Adding a Basic User Account section on
page 7-5.