Cisco Systems Servers Benutzerhandbuch
11-39
Cisco Secure ACS 3.0 for Windows 2000/NT Servers User Guide
78-13751-01, Version 3.0
Chapter 11 Working with User Databases
ODBC Database
The CSNTGroup and CSNTacctInfo fields are processed only after a successful
authentication. The CSNTerrorString file is logged only after a failure (if the
result is greater than or equal to 4).
authentication. The CSNTerrorString file is logged only after a failure (if the
result is greater than or equal to 4).
The procedure must return the result fields in the order listed above.
Result Codes
You can set the result codes listed in
Table 11-5
CHAP/MS-CHAP/ARAP Stored Procedure Results
Field
Type
Explanation
CSNTresult
Integer
See
Result Codes.
CSNTgroup
Integer
The Cisco Secure ACS group number for authorization.
0xFFFFFFFF is used to assign the default value. Values other than
0-499 are converted to the default.
0xFFFFFFFF is used to assign the default value. Values other than
0-499 are converted to the default.
Note
The group specified in the CSNTgroup field overrides
group mapping configured for the ODBC external user
database.
group mapping configured for the ODBC external user
database.
CSNTacctInfo
String
0-16 characters. A third-party defined string is added to subsequent
account log file entries.
account log file entries.
CSNTerror-
String
String
String
0-255 characters. A third-party defined string is written to the
CSAuth service log file if an error occurs.
CSAuth service log file if an error occurs.
CSNTpass-
word
word
String
0-255 characters. The password is authenticated by
Cisco Secure ACS for CHAP authentication.
Cisco Secure ACS for CHAP authentication.
Table 11-6
Result Codes
Result Code
Meaning
0 (zero)
Authentication successful
1
Unknown username
2
Invalid password