Cisco Systems Servers Manuale Utente
Appendix E Cisco Secure ACS Command-Line Database Utility
User-Defined RADIUS Vendors and VSA Sets
E-34
Cisco Secure ACS 3.0 for Windows 2000/NT Servers User Guide
78-13751-01, Version 3.0
Attribute Definition
Each RADIUS vendor/VSA import file must have one attribute definition section
for each attribute defined in the vendor and VSA set section. The section header
of each attribute definition section must match the attribute name defined for that
attribute in the vendor and VSA set section.
for each attribute defined in the vendor and VSA set section. The section header
of each attribute definition section must match the attribute name defined for that
attribute in the vendor and VSA set section.
lists the valid keys for an
attribute definition section.
Table E-9
Attribute Definition Keys
Keys
Required
Value Required
Description
Type
Yes
See Description. The data type of the attribute. It must be one of the
following:
STRING
INTEGER
IPADDR
If the attribute is an integer, the Enums key is valid.
Profile Yes
See Description. The attribute profile defines if the attribute is used for
authorization or accounting (or both). At least one of the
following two values must be present in the Profile key
definition:
following two values must be present in the Profile key
definition:
IN—The attribute is used for accounting. After you add the
attribute to Cisco Secure ACS, you can configure your
RADIUS accounting log to record the new attribute. For
more information about RADIUS accounting logs, see the
attribute to Cisco Secure ACS, you can configure your
RADIUS accounting log to record the new attribute. For
more information about RADIUS accounting logs, see the
.
OUT—The attribute is used for authorization.
In addition, you can use the value "MULTI" to allow several
instances of the attribute per RADIUS message.
instances of the attribute per RADIUS message.
Combinations are valid. For example:
Profile=MULTI OUT
or
Profile=IN OUT