Type definitions, Microsoft sql server and case-sensitive passwords – Cisco 3.3 User Manual

Page 545

Advertising
background image

13-61

User Guide for Cisco Secure ACS for Windows Server

78-16592-01

Chapter 13 User Databases

ODBC Database

The Cisco Secure ACS product CD provides “stub” routines for creating a
procedure in either Microsoft SQL Server or an Oracle database. You can either
modify a copy of these routines to create your stored procedure or write your own.
Example routines for creating PAP and CHAP/MS-CHAP/ARAP authentication
stored procedures in SQL Server are given in

Sample Routine for Generating a

PAP Authentication SQL Procedure, page 13-62

, and

Sample Routine for

Generating an SQL CHAP Authentication Procedure, page 13-63

.

The following sections provide reference information about Cisco Secure ACS
data types versus SQL data types, ASCII/PAP/PEAP(EAP-GTC) authentication
procedure input and output, CHAP/MS-CHAP/ARAP authentication procedure
input and output, EAP-TLS authentication procedure input and output, and
expected result codes. You can use this information while writing your
authentication stored procedures in your relational database.

Type Definitions

The Cisco Secure ACS types and their matching SQL types are as follows:

Integer—SQL_INTEGER

String—SQL_CHAR or SQL_VARCHAR

Note

For SQL database columns that hold user passwords, we recommend
using varchar format. If you define password columns as char,
password comparison may fail if the password does not use the full
length of the field. For example, if a password column is 16 characters
wide but the password is only ten characters long, the database may
append six spaces make the value used for password comparison 16
characters long, causing comparison to the actual password submitted
by the user to fail.

Microsoft SQL Server and Case-Sensitive Passwords

If you want your passwords to be case sensitive and are using Microsoft SQL
Server as your ODBC-compliant relational database, configure your SQL Server
to accommodate this feature. If your users are authenticating using PPP via PAP
or Telnet login, the password might not be case sensitive, depending on how the
case-sensitivity option is set on the SQL Server. For example, an Oracle database

Advertising
Popular Brands
Popular manuals