Cisco Systems Servers Manuale Utente

In addition to the three required fields above, the UserName and GroupName 
fields are required for many actions:

If a transaction is acting upon a user account, a value is required in the 
UserName field.

If a transaction is acting upon a group, a value is required in the GroupName 
field.

If a transaction is acting upon AAA client configuration, neither the 
UserName field nor the GroupName field is required.

The UserName and GroupName fields are mutually exclusive; only one of 
these two fields can have a value and neither field is always required.

Cisco Secure ACS reads rows from the  accountActions table and processes them 
in a specific order. Cisco Secure ACS determines the order first by the values in 
the Priority fields (mnemonic: P) and then by the values in the Sequence ID fields 
(mnemonic: SI). Cisco Secure ACS processes the rows with the highest priority 
first. If rows have an equal priority, Cisco Secure ACS processes them by their 
sequence ID, with the lowest sequence ID processed first. For example, if the 
priority for row A is higher than the priority for row B, Cisco Secure ACS would 
process row A first, regardless of whether row B has a lower sequence ID or not.

Thus, the Priority field (P) enables transactions of higher importance to occur 
first, such as deleting a user or changing a password. In the most common 
implementations of RDBMS Synchronization, the third-party system writes to the  
accountActions table in batch mode, with all actions (rows) assigned a priority of 
zero (0).

When changing transaction priorities, be careful that they are processed in the 
correct order; for example, a user account must be created before the user 
password is assigned.