Filter
Top Products
Appendix D CSUtil Database Utility
PAC File Generation
D-42
User Guide for Cisco Secure ACS for Windows Server
78-16592-01
–
-f list—CSUtil.exe generates a PAC file for each username contained in
the file specified, where list represents the full path and filename of the
list of usernames.
Lists of usernames should contain one username per line with no
additional spaces or other characters.
For example, if list.txt in d:\temp\pacs contains the following usernames:
seaniemop
jwiedman
echamberlain
and you ran CSUtil.exe -t -f d:\temp\pacs\list.txt, CSUtil.exe generates
three PAC files:
seaniemop.pac, jwiedman.pac, and echamberlain.pac.
Tip You can also specify domain-qualified usernames, using the format
DOMAIN\username. For example, if you specify
ENIGINEERING\augustin,
Cisco Secure ACS generates a PAC file name ENGINEERING_augustin.pac.
• -passwd password—CSUtil.exe uses the password specified, rather than the
default password, to protect the PAC files it generates. The password you
specify is required when the PACs it protects are loaded into an EAP-FAST
end-user client.
Note We recommend that you use a password you devise rather than the
default password.
PAC passwords can contain any character, are between four and 128
characters long, and case sensitive. While CSUtil.exe does not enforce strong
password rules, we recommend that you use a strong password, that is, your
PAC password should:
–
Be very long.
–
Contain uppercase and lowercase letters.
–
Contain numbers in addition to letters.
–
Contain no common words or names.