11-33
Cisco Secure ACS 3.0 for Windows 2000/NT Servers User Guide
78-13751-01, Version 3.0
Chapter11 Working with User Databases ODBC Database
To prepare for authenticating with an ODBC-compliant relational database,
follow these steps:
Step 1 Install the database software on its server. For more information, refer to the
relational database documentation.
Step 2 Create the database to hold the usernames and passwords. The database name is
irrelevant to CiscoSecure ACS, so you can name the database however you like.
Step 3 Create the table or tables that will hold the usernames and passwords for your
users. The table names are irrelevant to Cisco Secure ACS, so you can name the
tables and columns however you like.
Step 4 Write the stored procedures intended to return the required authentication
information to Cisco Secure ACS. For more information about these stored
procedures, see the “Implementation of Stored Procedures for ODBC
Authentication” section on page 11-33.
Step 5 Set up a system DSN on the Cisco Secure ACS server. For steps, see the
“Configuring a System Data Source Name for an ODBC External User Database”
section on page 11-40.
Step 6 Configure Cisco Secure ACS to authenticate users with an ODBC database. For
steps, see the “Configuring an ODBC External User Database” section on
page 11-41.
Implementation of Stored Procedures for ODBC AuthenticationWhen you configure Cisco Secure ACS to authenticate users against an
ODBC-compliant relational database, you must create a stored procedure to
perform the necessary query and return the values that Cisco Secure ACS expects.
Cisco Secure ACS supports ODBC authentication for PAP or
CHAP/MS-CHAP/ARAP protocols; however, the method of authentication
differs for these two sets of protocols.
Authentication for PAP protocol occurs within the relational database; that is, if
the stored procedure finds a record with both the username and the password
matching the input, the user is considered authenticated.