Cisco Systems Servers Manuale Utente

7-35

Cisco Secure ACS 3.0 for Windows 2000/NT Servers User Guide

78-13751-01, Version 3.0

Chapter 7 Setting Up and Managing User Accounts

Advanced User Authentication Settings

Step 2

Do one of the following:

To use the information configured in the Password Authentication section,
select Use CiscoSecure PAP password.

Note

For information about basic password setup, see the

“Adding a

Basic User Account” section on page 7-5

To employ an external database password, select Use external database
password, and then choose from the list the database that authenticates this
user’s enable password.

Note

The list of databases displays only the databases that you have
configured. For more information, see the

“About External User

Databases” section on page 11-4

To employ a separate password, click Use separate password, and then type
and retype to confirm a control password for this user. This password is used
in addition to the regular authentication.

Step 3

Do one of the following:

If you are finished configuring the user account options, click Submit to
record the options.

To continue to specify the user account options, perform other procedures in
this chapter, as applicable.

Setting TACACS+ Outbound Password for a User

The TACACS+ outbound password enables a AAA client to authenticate itself to
another AAA client via outbound authentication. The outbound authentication
can be PAP, CHAP, MS-CHAP, or ARAP, and results in the Cisco Secure ACS
password being given out. By default, the user’s ASCII/PAP or
CHAP/MS-CHAP/ARAP password is used. To prevent compromising inbound
passwords, you can configure a separate SENDAUTH password.