Cisco Systems CSACS3415K9 Computer Accessories User Manual


 
8-59
User Guide for Cisco Secure Access Control System 5.4
OL-26225-01
Chapter 8 Managing Users and Identity Stores
Managing External Identity Stores
Manually Intervene to Remove a Down RSA SecurID Server
When an RSA SecurID server is down, the automatic exclusion mechanism does not always work
quickly. To speed up this process, you can remove the sdstatus.12 file from ACS.
Creating and Editing RSA SecurID Token Servers
ACS 5.4 supports RSA SecurID Token Servers, which authenticate users with one-time passwords for
increased security. RSA SecurID token servers provide two-factor authentication to ensure the
authenticity of users.
To authenticate users against an RSA identity store, you must first create an RSA SecurID Token Server
in ACS and configure the realm, ACS instance, and advanced settings.
ACS 5.4 supports only one RSA realm. You can configure the settings for the RSA realm. A single realm
can contain many ACS instances.
Note: You must obtain the sdconf.rec file from the RSA SecurID server administrator and store it in ACS.
To create or edit an RSA SecurID token server:
Step 1 Select Users and Identity Stores > External Identity Stores > RSA SecurID Token Servers.
The RSA SecurID Token Servers page appears.
Step 2 Click Create.
You can also click the identity store name that you want to modify, or check the box next to the name
and click Edit.
Step 3 Complete the fields in the RSA Realm Settings tab as described in Table 8-15.
Step 4 Click the ACS Instance Settings tab. See Configuring ACS Instance Settings, page 8-60 for more
information.
Table 8-15 RSA Realm Settings Tab
Option | Description
General
Name | Name of the RSA realm.
Description | (Optional) The description of the RSA realm.
Server Connection
Server Timeout n seconds | ACS waits for n seconds to connect to the RSA SecurID token server before timing out.
Reauthenticate on Change PIN | Check this check box to reauthenticate on a PIN change.
Realm Configuration File
Import new ‘sdconf.rec’ file | Click Browse to select the sdconf.rec file from your machine.
Node Secret Status | Once the user is first authenticated against the RSA SecurID Token Server, the Node Secret Status is shown as Created.