Filter
Top Products
4-4
Configuration Guide for Cisco Secure ACS 4.2
OL-14390-02
Chapter 4 Using RDBMS Synchronization to Create dACLs and Specify Network Configuration
Using RDBMS Synchronization to Configure dACLs
Step 3: Code an accountActions File to Create the dACL and Associate a User or
Group with the dACL
To create a an AccountActions CSV file to create a dACL and assign it to a User or Group:
Step 1 Create a text file by using a text editor of your choice; for example, Notepad.
Step 2 Code a statement to create a User or Group. For example, to create a User named Troy, who belongs to
a Group named Group, and has an initial password of ipassword, code the following statement:
1,1,Troy,Group 5,100,ipassword,7/8/2008 15:00,0,,,0
Step 3 Code a statement to create a dACL. For example, to create a dACL called DACL_for_Troy that is
specified in a text file called dACL_create.txt, code the following statement:
2,1,,,385,C:\dACL_folder\dACL_create.txt,7/8/2008 15:00,0,,,0
Action code 385 creates a dACL. The value directly after the action code specifies the directory path and
filename of the text file that specifies the dACL. In the sample code shown in
Example 4-1 and
Example 4-2, this is the dACL_create.txt file.
The value after the directory path and filename must specify a timestamp for the file; for example,
7/8/2008 15:00.
Step 4 Code a statement to associate the dACL with a specified User. For example, to associate the dACL
DACL_for_Troy with the User Troy, code:
3,1,Troy,,380,DACL_For_Troy,7/8/2008 15:00,0,,,0
The third value in this statement specifies the User (Troy) to associate the dACL with. Action code 380
associates dACL with the User, and the value immediately after the action code specifies the dACL name
(dACL_for_Troy).
The value after the dACL name must specify a timestamp for the action; for example, 7/8/2008 15:00.
Step 5 Save the file:
• ACS for Windows—Save the file to a directory on the Windows machine that is running ACS.
• ACS SE—Save the file to a directory on an FTP server used with the ACS SE.
Sample accountActions CSV File
Example 4-2 shows a sample accountActions CSV file.
Note The default filename for the CSV is accountactions.csv. However, you can rename it.
Example 4-2 Sample accountActions CSV File
SequenceId,Priority,UserName,GroupName,Action,ValueName,DateTime,MessageNo,ComputerNames,A
ppId,Status
1,1,Troy,Group 5,100,ipassword,7/8/2008 15:00,0,,,0
2,1,,,385,C:\dACL_folder\dACL_create.txt,7/8/2008 15:00,0,,,0
3,1,Troy,,380,DACL_For_Troy,7/8/2008 15:00,0,,,0