Chapter 8 Establishing Cisco Secure ACS System Configuration
RDBMS Synchronization
8-28
Cisco Secure ACS 3.0 for Windows 2000/NT Servers User Guide
78-13751-01, Version 3.0
• Oracle 8—Contains the files accountActions.sql and testData.sql.
The accountActions.sql file contains the Oracle 8 SQL procedure needed to
generate an accountActions table. The testData.sql file contains Oracle 8
SQL procedures for updating the accountActions table with sample
transactions that CSDBSync can process.
• SQL Server 6.5—Contains the files accountActions.sql and testData.sql.
The accountActions.sql file contains the Microsoft SQL Server 6.5 SQL
procedure needed to generate an accountActions table. The testData.sql file
contains Microsoft SQL Server 6.5 SQL procedures for updating the
accountActions table with sample transactions that CSDBSync can process.
Cisco Secure ACS Database Recovery Using the accountActions
Table
Because the RDBMS Synchronization feature deletes each record in the ODBC
Import table after processing the record, the accountActions table can be
considered a transaction queue. The RDBMS Synchronization feature does not
maintain a transaction log/audit trail. If a log is required, the external system that
adds records to the accountActions table must create it. Unless the external system
can recreate the entire transaction history in the accountActions table, we
recommend that you construct a transaction log file for recovery purposes. To do
this, create a second table that is stored in a safe location and backed up on a
regular basis. In that second table, mirror all the additions and updates to records
in the accountActions table.
If the database is large, it is not practical to recreate the CiscoSecure user database
by replaying the transaction log for the entire history of the system. Instead, create
regular backups of the CiscoSecure user database and replay the transaction logs
from the time of most recent backup to bring the CiscoSecure user database back
in synchronization with the third-party system. For information on creating
backup files, see the “Cisco Secure ACS Backup” section on page 8-40.
Replaying transaction logs that slightly predate the checkpoint does not damage
the CiscoSecure user database, although some transactions might be invalid and
reported as errors. As long as the entire transaction log is replayed, the
CiscoSecure user database is consistent with the external RDBMS application’s
database.