What’s supported with windows user databases – Cisco 3.3 User Manual

Page 492

Advertising
background image

Chapter 13 User Databases

Windows User Database

13-8

User Guide for Cisco Secure ACS for Windows Server

78-16592-01

What’s Supported with Windows User Databases

Cisco Secure ACS supports the use of Windows external user databases for the
following features:

User Authentication—Cisco Secure ACS supports ASCII, PAP, MS-CHAP
(versions 1 and 2), LEAP, PEAP(EAP-GTC), PEAP(EAP-MSCHAPv2), and
EAP-FAST (phase zero and phase two) authentication with Windows
Security Accounts Manager (SAM) database or a Windows Active Directory
database. Cisco Secure ACS also supports EAP-TLS authentication with a
Windows Active Directory database. Other authentication protocols are not
supported with Windows external user databases.

Note

Authentication protocols not supported with Windows external user
databases may be supported by a different external user database. For
more information about authentication protocols and the external
database types that support them, see

Authentication

Protocol-Database Compatibility, page 1-10

.

Machine Authentication—Cisco Secure ACS supports machine
authentication with EAP-TLS and PEAP(EAP-MSCHAPv2). For more
information, see

EAP and Windows Authentication, page 13-15

.

Group Mapping for Unknown Users—Cisco Secure ACS supports group
mapping for unknown users by requesting group membership information
from Windows user databases. For more information about group mapping
for users authenticated with a Windows user database, see

Group Mapping by

Group Set Membership, page 16-4

.

Password-Aging—Cisco Secure ACS supports password aging for users
authenticated by a Windows user database. For more information, see

User-Changeable Passwords with Windows User Databases, page 13-25

.

Dial-in Permissions—Cisco Secure ACS supports use of dial-in permissions
from Windows user databases. For more information, see

Preparing Users for

Authenticating with Windows, page 13-26

.

Callback Settings—Cisco Secure ACS supports use of callback settings
from Windows user databases. For information about configuring
Cisco Secure ACS to use Windows callback settings, see

Setting User

Callback Option, page 7-9

.

Advertising