Cisco Systems Servers Manuale Utente

E-33

Cisco Secure ACS 3.0 for Windows 2000/NT Servers User Guide

78-13751-01, Version 3.0

Appendix E Cisco Secure ACS Command-Line Database Utility

User-Defined RADIUS Vendors and VSA Sets

Vendor and VSA Set Definition

Each RADIUS vendor/VSA import file must have one vendor and VSA set
section. The section header must be “[User Defined Vendor]”.

Table E-8

lists

valid keys for the vendor and VSA set section.

For example, the following vendor and VSA set section defines the vendor
"Widget", whose IETF-assigned vendor number is 9999. Vendor Widget has 4
VSAs (thus requiring 4 attribute definition sections):

[User Defined Vendor]

Name=Widget

IETF Code=9999

VSA 1=widget-encryption

VSA 2=widget-admin-interface

VSA 3=widget-group

VSA 4=widget-admin-encryption

Table E-8

Vendor and VSA Set Keys

Keys

Required

Value Required

Description

Name

Yes

Vendor name

The name of the RADIUS vendor.

IETF Code

Yes

An integer

The IETF-assigned vendor number for this vendor.

VSA n
(where n is
the VSA
number)

Yes—you
can define
1 to 255
VSAs

Attribute name

The name of a VSA. For each VSA named here, the file
must contain a corresponding attribute definition
section.

Attribute names must be unique within the RADIUS
vendor/VSA import file, and within the set of all
RADIUS attributes in Cisco Secure ACS. To facilitate
this, we recommend that you prefix the vendor name to
each attribute name, such as "widget-encryption" for
an encryption-related attribute for the vendor Widget.
This also makes accounting logs easier to understand.