Filter
Top Products
Appendix G ODBC Import Definitions
accountActions Table Specification
G-4
Cisco Secure ACS 3.0 for Windows 2000/NT Servers User Guide
78-13751-01, Version 3.0
In addition to the three required fields above, the UserName and GroupName
fields are required for many actions:
• If a transaction is acting upon a user account, a value is required in the
UserName field.
• If a transaction is acting upon a group, a value is required in the GroupName
field.
• If a transaction is acting upon AAA client configuration, neither the
UserName field nor the GroupName field is required.
Note The UserName and GroupName fields are mutually exclusive; only one of
these two fields can have a value and neither field is always required.
accountActions Table Processing Order
Cisco Secure ACS reads rows from the accountActions table and processes them
in a specific order. Cisco Secure ACS determines the order first by the values in
the Priority fields (mnemonic: P) and then by the values in the Sequence ID fields
(mnemonic: SI). Cisco Secure ACS processes the rows with the highest priority
first. If rows have an equal priority, Cisco Secure ACS processes them by their
sequence ID, with the lowest sequence ID processed first. For example, if the
priority for row A is higher than the priority for row B, Cisco Secure ACS would
process row A first, regardless of whether row B has a lower sequence ID or not.
Thus, the Priority field (P) enables transactions of higher importance to occur
first, such as deleting a user or changing a password. In the most common
implementations of RDBMS Synchronization, the third-party system writes to the
accountActions table in batch mode, with all actions (rows) assigned a priority of
zero (0).
Note When changing transaction priorities, be careful that they are processed in the
correct order; for example, a user account must be created before the user
password is assigned.