Filter
Top Products
Chapter 13 User Databases
Windows User Database
13-8
User Guide for Cisco Secure ACS for Windows Server
78-16592-01
What’s Supported with Windows User Databases
Cisco Secure ACS supports the use of Windows external user databases for the
following features:
• User Authentication—Cisco Secure ACS supports ASCII, PAP, MS-CHAP
(versions 1 and 2), LEAP, PEAP(EAP-GTC), PEAP(EAP-MSCHAPv2), and
EAP-FAST (phase zero and phase two) authentication with Windows
Security Accounts Manager (SAM) database or a Windows Active Directory
database. Cisco Secure ACS also supports EAP-TLS authentication with a
Windows Active Directory database. Other authentication protocols are not
supported with Windows external user databases.
Note Authentication protocols not supported with Windows external user
databases may be supported by a different external user database. For
more information about authentication protocols and the external
database types that support them, see Authentication
Protocol-Database Compatibility, page 1-10.
• Machine Authentication—Cisco Secure ACS supports machine
authentication with EAP-TLS and PEAP(EAP-MSCHAPv2). For more
information, see EAP and Windows Authentication, page 13-15.
• Group Mapping for Unknown Users—Cisco Secure ACS supports group
mapping for unknown users by requesting group membership information
from Windows user databases. For more information about group mapping
for users authenticated with a Windows user database, see Group Mapping by
Group Set Membership, page 16-4.
• Password-Aging—Cisco Secure ACS supports password aging for users
authenticated by a Windows user database. For more information, see
User-Changeable Passwords with Windows User Databases, page 13-25.
• Dial-in Permissions—Cisco Secure ACS supports use of dial-in permissions
from Windows user databases. For more information, see Preparing Users for
Authenticating with Windows, page 13-26.
• Callback Settings—Cisco Secure ACS supports use of callback settings
from Windows user databases. For information about configuring
Cisco Secure ACS to use Windows callback settings, see Setting User
Callback Option, page 7-9.