Cisco Systems CSACS3415K9 Manual De Usuario
8-67
User Guide for Cisco Secure Access Control System 5.4
OL-26225-01
Chapter 8 Managing Users and Identity Stores
Managing External Identity Stores
•
Check the check box next to the identity store you want to duplicate, then click Duplicate.
•
Click the identity store name that you want to modify, or check the box next to the name and click
Edit.
Edit.
Step 3
Complete the fields in the General tab. See
for a description of
the fields in the General tab.
Step 4
You can:
•
Click Submit to save the RADIUS Identity Server.
•
for a description of the fields
in the Shell Prompts tab.
•
Click the Directory Attributes tab. See
for a description
of the fields in the Directory Attributes tab.
•
Click the Advanced tab. See
for a description of the
fields in the Advanced tab.
Step 5
Click Submit to save the changes.
Related Topics
•
•
Configuring General Settings
Table 8-19
RADIUS Identity Server - General Tab
Option
Description
Name
Name of the external RADIUS identity server.
Description
(Optional) A brief description of the RADIUS identity server.
SafeWord Server
Check this check box to enable a two-factor authentication using a
SafeWord server.
SafeWord server.
Server Connection
Enable Secondary Server
Check this check box to use a secondary RADIUS identity server as a
backup server in case the primary RADIUS identity server fails.
backup server in case the primary RADIUS identity server fails.
If you enable the secondary server, you must configure the parameters for
the secondary RADIUS identity server and must choose one of the
following options:
the secondary RADIUS identity server and must choose one of the
following options:
•
Always Access Primary Server First—Select this option to ensure that
ACS always accesses the primary RADIUS identity server first before
the secondary server is accessed.
ACS always accesses the primary RADIUS identity server first before
the secondary server is accessed.
•
Failback To Primary Server After n Minutes—Select this option to set
the number of minutes ACS can use the secondary server for
authentication.
the number of minutes ACS can use the secondary server for
authentication.
After this time expires, ACS should again attempt to authenticate
using the primary server. The default value is 5 minutes.
using the primary server. The default value is 5 minutes.