Filter
Top Products
D-41
User Guide for Cisco Secure ACS for Windows Server
78-16592-01
Appendix D CSUtil Database Utility
PAC File Generation
PAC File Options and Examples
When you use the -t option generate PAC files with CSUtil.exe, you have the
following additional options.
• User specification options—While you can choose which user specification
option you want to use, you must choose one of the four options for
specifying which users you want PAC files for; otherwise, CSUtil.exe
displays an error message because no users are specified. User specification
options are as follows:
–
-a—CSUtil.exe generates a PAC file for each user in the CiscoSecure
user database. For example, if you have 3278 users in the CiscoSecure
user database and ran CSUtil.exe -t -a, CSUtil.exe would generate 3278
PAC files, one for each user.
Note Using the -a option restarts the CSAuth service. No users are
authenticated while CSAuth is unavailable.
–
-g N—CSUtil.exe generates a PAC file for each user in the user group
specified by number (N). Cisco Secure ACS has 500 groups, numbered
from 0 (zero) to 499. For example, if group 7 has 43 users and you ran
CSUtil.exe -t -g 7, CSUtil.exe would generate 43 PAC files, one for each
user who is a member of group 7.
Note Using the -g option restarts the CSAuth service. No users are
authenticated while CSAuth is unavailable.
–
-u username—CSUtil.exe generates a PAC file for the user specified by
name (username). For example, if you ran CSUtil.exe -t -u seaniemop,
CSUtil.exe would generate a single PAC file, named
seaniemop.pac.
Tip You can also specify a domain-qualified username, using the format
DOMAIN\username. For example, if you specify
ENIGINEERING\augustin,
Cisco Secure ACS generates a PAC file name ENGINEERING_augustin.pac.