Cisco Systems Servers Manuale Utente

The SQL procedure can decide among 1, 2, or 3 to indicate a failure, depending 
on how much information you want the failed authentication log files to include.

A return code of 4 or higher results in an authentication error event. These errors 
do not increment per-user failed attempt counters. Additionally, error codes are 
returned to the AAA client so it can distinguish between errors and failures and, 
if configured to do so, fall back to a backup AAA server.

Successful or failed authentications are not logged; general Cisco Secure ACS 
logging mechanisms apply. In the event of an error (CSNTresult equal to or less 
than 4), the contents of the CSNTerrorString are written to the Windows NT/2000 
Event Log under the Application Log.

On the Cisco Secure ACS server, you must create a system DSN for 
Cisco Secure ACS to communicate with the relational database.

To create a system DSN for use with an ODBC external user database, follow 
these steps:

In Windows Control Panel, double-click the ODBC Data Sources icon.

In the ODBC Data Source Administrator window, click the System DSN tab.

Click Add.

Select the driver you need to use with your new DSN, and then click Finish.

Result: A dialog box displays fields requiring information specific to the ODBC 
driver you selected.

3

Unknown username or invalid 
password

4+

Internal error—authentication 
not processed