C-1
Cisco Secure ACS 3.0 for Windows 2000/NT Servers User Guide
78-13751-01, Version 3.0
APPENDIX
CTACACS+ Attribute-Value Pairs
Cisco Secure Access Control Server for Windows NT/2000 Servers Version 3.0
(Cisco Secure ACS) provides support for Terminal Access Controller Access
Control System (TACACS+) attribute-value (AV) pairs. You can enable different
AV pairs for any supported attribute value.
Cisco IOS Attribute-Value Pair Dictionary
Before selecting TACACS+ AV pairs for CiscoSecure ACS, confirm that your
AAA client is running Cisco IOS Release 11.2 or later. Earlier versions of Cisco
IOS work with Cisco Secure ACS but do not fully support the TACACS+ features
in Cisco Secure ACS.
Note If you specify a given A V pair in CiscoSecure ACS, you must also enable the
corresponding AV pair in the CiscoIOS software running on the AAA client.
Therefore, you must consider which AV pairs your Cisco IOS release supports.
If Cisco Secure ACS sends an AV pair to the AAA client that the CiscoIOS
software does not support, that attribute is not implemented.
For more information on TACACS+ AV pairs, refer to Cisco IOS documentation
for the release of Cisco IOS running on your AAA clients.
Note All TACACS+ values are strings. The concept of value “type” does not exist
in TACACS+ as it does in Remote Access Dial-In User Service (RADIUS).