Примечания к выпуску для Cisco Cisco Aironet 350 Wireless LAN Client Adapter
6
Release Notes for Cisco Aironet Configuration Administration Tool (ACAT) 1.3
OL-5388-01
New Features
PACs are created by Cisco Secure ACS and are identified by an ID. The user obtains his or her own copy
of the PAC from the server, and the ID links the PAC to the profile created by ACAT or the ACU. When
manual PAC provisioning is enabled, the PAC file is manually copied from the server and imported into
the client device using the ACU. The following rules govern PAC storage:
of the PAC from the server, and the ID links the PAC to the profile created by ACAT or the ACU. When
manual PAC provisioning is enabled, the PAC file is manually copied from the server and imported into
the client device using the ACU. The following rules govern PAC storage:
•
In most cases PACs are provisioned and stored separately for each Windows logon user. These
per-user PACS are not viewable by other users.
per-user PACS are not viewable by other users.
•
If a profile is configured to use manual provisioning, each user must manually provision his or her
own PAC for that profile using the ACU.
own PAC for that profile using the ACU.
•
PAC files can be added or replaced using the ACU import feature, but they cannot be removed or
exported.
exported.
•
For profiles configured with saved EAP-FAST usernames and passwords, the PACs are not stored
per user but in a global PAC area shared by all users. Global PACs are also enabled when the No
Network Connection Unless User Is Logged In check box is unchecked on the ACU. These global
PACs can be imported using the ACU and used by all users.
per user but in a global PAC area shared by all users. Global PACs are also enabled when the No
Network Connection Unless User Is Logged In check box is unchecked on the ACU. These global
PACs can be imported using the ACU and used by all users.
Note
Checking the Use Saved Username and Password check box in ACAT this enables the option
on the ACU. You must use the ACU to enter the EAP-FAST username and password
parameters.
on the ACU. You must use the ACU to enter the EAP-FAST username and password
parameters.
Note
PACs are also stored globally on computers that use the Novell Network login prompt or any
other third-party login application that does not share its credentials with the EAP-FAST
supplicant.
other third-party login application that does not share its credentials with the EAP-FAST
supplicant.
EAP-FAST authentication is designed to support the following user databases over a wireless LAN:
•
Cisco Secure ACS internal user database
•
Cisco Secure ACS ODBC user database
•
Windows NT/2000/2003 domain user database
•
LDAP user database
LDAP user databases (such as NDS) support only manual PAC provisioning while the other three user
databases support both automatic and manual PAC provisioning.
databases support both automatic and manual PAC provisioning.
Note
If the EAP-FAST security module was not selected during installation, the EAP-FAST option is
unavailable in the ACU. To enable and disable EAP-FAST, you must run ACAT or the Install Wizard
again and choose EAP-FAST. EAP-FAST is supported in ACAT and Install Wizard versions 1.3 and
later.
unavailable in the ACU. To enable and disable EAP-FAST, you must run ACAT or the Install Wizard
again and choose EAP-FAST. EAP-FAST is supported in ACAT and Install Wizard versions 1.3 and
later.