Chapter1 Overview of Cisco Secure ACS
AAA Server Functions and Concepts
1-14
Cisco Secure ACS 3.0 for Windows 2000/NT Servers User Guide
78-13751-01, Version 3.0
The methods and functionality of Windows password aging differ according to
whether you are using Windows NT or Windows 2000 and whether you employ
Active Directory (AD) or Security Accounts Manager (SAM). For information on
the requirements and configuration of the Windows-based password aging
feature, see the “Enabling Password Aging for Users in Windows Databases”
section on page 6-25.
User-Changeable Passwords
With Cisco Secure ACS, you can install a separate program that enables users to
change their passwords by using a web-based utility. For more information about
installing user-changeable passwords, refer to the Web Server Installation for
Cisco Secure ACS for Windows NT/2000 User-Changeable Passwords quick
reference card.
Other Authentication-Related FeaturesIn addition to the authentication-related features discussed in this section, the
following features are provided by Cisco Secure ACS:
•Authentication of unknown users with external user databases (see the
“Unknown User Processing” section on page 12-1)
•Microsoft Windows Callback feature (see the “Setting User Callback Option”
section on page 7-10)
•Ability to import a UNIX password file to the CiscoSecure user database (see
the “Importing User and AAA Client Information” section on page E-13)
•Ability for external users to authenticate via an enable password (see the
“Setting TACACS+ Enable Password Options for a User” section on
page 7-34)
•Proxy of authentication requests to other AAA servers (see the “Proxy in
Distributed Systems” section on page 4-4)
•Configurable character string stripping from proxied authentication requests
(see the “Stripping” section on page 4-6)