Cisco Systems Servers Manuale Utente
Appendix E Cisco Secure ACS Command-Line Database Utility
User and AAA Client Import Option
E-16
Cisco Secure ACS 3.0 for Windows 2000/NT Servers User Guide
78-13751-01, Version 3.0
ONLINE or OFFLINE Statement
CSUtil.exe requires an ONLINE or OFFLINE token in an import text file. The file
must begin with a line that contains only a ONLINE or OFFLINE token. The
ONLINE and OFFLINE tokens are described in
must begin with a line that contains only a ONLINE or OFFLINE token. The
ONLINE and OFFLINE tokens are described in
.
ADD Statements
ADD statements are optional. Only the ADD token and its value are required to
add a user to Cisco Secure ACS. The valid tokens for ADD statements are listed
in
add a user to Cisco Secure ACS. The valid tokens for ADD statements are listed
in
Note
CSUtil.exe provides no means to specify a particular instance of an external
user database type. If a user is to be authenticated by an external user database
and Cisco Secure ACS has multiple instances of the specified database type,
CSUtil.exe assigns the user to the first instance of that database type. For
example, if Cisco Secure ACS has two LDAP external user databases
configured, CSUtil.exe creates the user record and assigns the user to the
LDAP database that was added to Cisco Secure ACS first.
user database type. If a user is to be authenticated by an external user database
and Cisco Secure ACS has multiple instances of the specified database type,
CSUtil.exe assigns the user to the first instance of that database type. For
example, if Cisco Secure ACS has two LDAP external user databases
configured, CSUtil.exe creates the user record and assigns the user to the
LDAP database that was added to Cisco Secure ACS first.
Table E-1
ONLINE/OFFLINE Statement Tokens
Token
Required
Value
Required Description
Required Description
ONLINE
Either ONLINE or
OFFLINE must be
present
OFFLINE must be
present
—
The CSAuth service remains active while CSUtil.exe
imports the text file. CSUtil.exe performance is slower
when run in this mode, but Cisco Secure ACS continues to
authenticate users during the import.
imports the text file. CSUtil.exe performance is slower
when run in this mode, but Cisco Secure ACS continues to
authenticate users during the import.
OFFLINE Either ONLINE or
OFFLINE must be
present
present
—
The CSAuth service is stopped while CSUtil.exe imports
the text file. Although CSUtil.exe performance is fastest in
this mode, no users are authenticated during the import.
the text file. Although CSUtil.exe performance is fastest in
this mode, no users are authenticated during the import.
If you need to import a large amount of user information
quickly, consider using the OFFLINE token. While
performing an import in the OFFLINE mode stops
authentication during the import, the import is much faster.
For example, importing 100,000 users in the OFFLINE
mode takes less than one minute.
quickly, consider using the OFFLINE token. While
performing an import in the OFFLINE mode stops
authentication during the import, the import is much faster.
For example, importing 100,000 users in the OFFLINE
mode takes less than one minute.