Cisco Systems Servers User Manual

Cisco Secure ACS 3.0 for Windows 2000/NT Servers User Guide
78-13751-01, Version 3.0
Chapter 11      Working with User Databases
Generic LDAP
If fewer minutes have passed than the value specified in the Failback Retry Delay 
box, Cisco Secure ACS attempts to connect to the secondary LDAP server first. 
If it cannot connect to the secondary LDAP server, Cisco Secure ACS then 
attempts to connect to the primary LDAP server.
If Cisco Secure ACS cannot connect to either LDAP server, Cisco Secure ACS 
stops attempting LDAP authentication for the user. If the user is an unknown user, 
Cisco Secure ACS tries the next external user database listed in the Unknown 
User Policy list. For more information about the Unknown User Policy list, see 
th
.
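The failover order and fall-through described above, modeled as an added Python example (not code from the Cisco guide or from Cisco Secure ACS). The function, parameter and database names are hypothetical, and the branch taken when the delay has elapsed is an assumption, since this excerpt states only the fewer-minutes case.

```python
PRIMARY, SECONDARY = "primary", "secondary"


def attempt_order(minutes_elapsed, failback_retry_delay):
    """Order in which the two LDAP servers are tried.

    minutes_elapsed is the interval the guide compares with Failback Retry
    Delay; its starting point is defined outside this excerpt.
    """
    if minutes_elapsed < failback_retry_delay:
        return [SECONDARY, PRIMARY]   # stated on the page
    return [PRIMARY, SECONDARY]       # ASSUMPTION: branch not shown on the page


def route(minutes_elapsed, failback_retry_delay, reachable,
          known_user, policy, current_db):
    """Return (outcome, detail, servers_tried) for one authentication request."""
    tried = []
    for server in attempt_order(minutes_elapsed, failback_retry_delay):
        tried.append(server)
        if server in reachable:
            return ("ldap", server, tried)
    # Neither server answered: LDAP authentication stops for this user.
    if not known_user and current_db in policy:
        later = policy[policy.index(current_db) + 1:]
        if later:
            # Unknown users move on to the next database in the policy list.
            return ("next_database", later[0], tried)
    return ("stopped", None, tried)


if __name__ == "__main__":
    policy = ["example-ldap", "example-other-db"]   # constructed names
    cases = [  # (reachable servers, known_user), constructed scenarios
        ({PRIMARY, SECONDARY}, True),
        ({PRIMARY}, True),
        (set(), True),
        (set(), False),
    ]
    for reachable, known in cases:
        print(sorted(reachable), known,
              route(2, 5, reachable, known, policy, "example-ldap"))
```

The last case shows why the order of the Unknown User Policy list deserves review: when both LDAP servers are unreachable, an unknown user's request is handled by whichever database comes next in that list.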
Configuring a Generic LDAP External User Database
Creating a generic LDAP configuration provides Cisco Secure ACS information 
that enables it to pass authentication requests to an LDAP database. This 
information reflects the way you have implemented your LDAP database and does 
not dictate how your LDAP database is configured or functions. For information 
about your LDAP database, refer to your LDAP documentation.
To configure Cisco Secure ACS to use the LDAP User Database, follow these 
steps:
Step 1  In the navigation bar, click External User Databases.
Step 2  Click Database Configuration.
        Result: Cisco Secure ACS displays a list of all possible external user 
        database types.
Step 3  Click Generic LDAP.
        Note: The user authenticates against only one LDAP database.
        Result: If no LDAP database configuration exists, only the Database 
        Configuration Creation table appears. Otherwise, in addition to the 
        Database Configuration Creation table, the External User Database 
        Configuration table appears.