Cisco 3.3 User Manual
Page 331
9-3
User Guide for Cisco Secure ACS for Windows Server
78-16592-01
Chapter 9 System Configuration: Advanced
CiscoSecure Database Replication
•
IP pool definitions (for more information, see
•
Cisco Secure ACS certificate and private key files.
•
All external user database configurations, including Network Admission
Control (NAC) databases.
•
Unknown user group mapping configuration.
•
User-defined RADIUS dictionaries (for more information, see
Implementation Considerations, page 9-7
).
•
Settings on the ACS Service Management page in the System Configuration
section.
•
All logging configurations.
•
RDBMS Synchronization settings.
•
Third-party software, such as Novell Requestor or RSA ACE client software.
With regard to database replication, we make the following distinctions about
Cisco Secure ACSes:
•
Primary Cisco Secure ACS—A Cisco Secure ACS that sends replicated
CiscoSecure database components to other Cisco Secure ACSes.
•
Secondary Cisco Secure ACS—A Cisco Secure ACS that receives
replicated CiscoSecure database components from a primary Cisco Secure
ACS. In the HTML interface, these are identified as replication partners.
A Cisco Secure ACS can be both a primary Cisco Secure ACS and a secondary
Cisco Secure ACS, provided that it is not configured to be a secondary
Cisco Secure ACS to a Cisco Secure ACS for which it performs as a primary
Cisco Secure ACS.
Note
Bidirectional replication, wherein an Cisco Secure ACS both sends database
components to and receives database components from the same remote
Cisco Secure ACS, is not supported. Replication fails if a Cisco Secure ACS is
configured to replicate to and from the same Cisco Secure ACS.
Note
All Cisco Secure ACSes involved in replication must run the same release of the
Cisco Secure ACS software. For example, if the primary Cisco Secure ACS is
running Cisco Secure ACS version 3.2, all secondary Cisco Secure ACSes should