Home > Cisco > Control System > Cisco Acs 57 User Guide

Cisco Acs 57 User Guide

Add to Favourites
    Download as PDF

    Here you can view all the pages of manual Cisco Acs 57 User Guide. The Cisco manuals for Control System are available online for free. You can easily download all the documents as PDF.

    Overview View all the pages Comments

    Page 141

    Page 141 1 Managing Users and Identity Stores Managing Internal Identity Stores Table 39 Advanced Tab Options Description Account Disable Supports account disablement policy for internal users. Never Default option where accounts never expire. All internal users who got disabled because of this policy, are enabled if you select this option. Disable account if Date exceeds Internal user is disabled when the configured date exceeds. For example, if the configured date is 28th Dec 2010, all internal users will... 
    1   
Managing Users and Identity Stores
Managing Internal Identity Stores
Table 39 Advanced Tab
Options Description
Account Disable
Supports account disablement policy for internal users.
Never Default option where accounts never expire. All internal users who got disabled 
because of this policy, are enabled if you select this option.
Disable account if Date exceeds Internal user is disabled when the configured date exceeds. For example, if the 
configured date is 28th Dec 2010, all internal users will...

    Page 142

    Page 142 1 Managing Users and Identity Stores Managing Internal Identity Stores 4.Click Submit. The user password is configured with the defined criteria. These criteria will apply only for future logins. Note: If one of the users gets disabled, the failed attempt count value needs to be reconfigured multiple times. In such a case, the administrators should either note separately the current failed attempt count of that user, or reset the count to 0 for all users. Disabling User Account After N Days of... 
    1
Managing Users and Identity Stores
 
Managing Internal Identity Stores
4.Click Submit.
The user password is configured with the defined criteria. These criteria will apply only for future logins.
Note: If one of the users gets disabled, the failed attempt count value needs to be reconfigured multiple times. In such a case, 
the administrators should either note separately the current failed attempt count of that user, or reset the count to 0 for all users.
Disabling User Account After N Days of...

    Page 143

    Page 143 1 Managing Users and Identity Stores Managing Internal Identity Stores The User Authentication Settings page appears. 2.Check Disable user account after n days of inactivity check box. 3.Enter the number of days in the text box. ACS disables the user account if it is not active for the configured number of days. Creating Internal Users In ACS, you can create internal users that do not access external identity stores for security reasons. You can use the bulk import feature to import hundreds of... 
    1   
Managing Users and Identity Stores
Managing Internal Identity Stores
The User Authentication Settings page appears.
2.Check Disable user account after n days of inactivity check box.
3.Enter the number of days in the text box.
ACS disables the user account if it is not active for the configured number of days.
Creating Internal Users
In ACS, you can create internal users that do not access external identity stores for security reasons.
You can use the bulk import feature to import hundreds of...

    Page 144

    Page 144 1 Managing Users and Identity Stores Managing Internal Identity Stores Click File Operations to: —Add—Adds internal users from the import to ACS. —Update—Overwrites the existing internal users in ACS with the list of users from the import. —Delete—Removes the internal users listed in the import from ACS. Click Export to export a list of internal users to your local hard disk. For more information on the File Operations option, see Performing Bulk Operations for Network Resources and Users, page 7.... 
    1
Managing Users and Identity Stores
 
Managing Internal Identity Stores
Click File Operations to:
—Add—Adds internal users from the import to ACS.
—Update—Overwrites the existing internal users in ACS with the list of users from the import.
—Delete—Removes the internal users listed in the import from ACS.
Click Export to export a list of internal users to your local hard disk.
For more information on the File Operations option, see Performing Bulk Operations for Network Resources and Users, 
page 7....

    Page 145

    Page 145 1 Managing Users and Identity Stores Managing Internal Identity Stores . Table 41 Users and Identity Stores > Internal Identity Store > User Properties Page Option Description General Name Username. Status Use the drop-down list box to select the status for the user: Enabled—Authentication requests for this user are allowed. Disabled—Authentication requests for this user fail. Description (Optional) Description of the user. Identity Group Click Select to display the Identity Groups window. Choose... 
    1   
Managing Users and Identity Stores
Managing Internal Identity Stores
. 
Table 41 Users and Identity Stores > Internal Identity Store > User Properties Page 
Option Description
General
Name Username.
Status Use the drop-down list box to select the status for the user:
Enabled—Authentication requests for this user are allowed.
Disabled—Authentication requests for this user fail.
Description (Optional) Description of the user.
Identity Group Click Select to display the Identity Groups window. Choose...

    Page 146

    Page 146 1 Managing Users and Identity Stores Managing Internal Identity Stores Password Type Displays all configured external identity store names, along with Internal Users which is the default password type. You can choose any one identity store from the list. During user authentication, if an external identity store is configured for the user then internal identity store forwards the authentication request to the configured external identity store. If an external identity store is selected, you cannot... 
    1
Managing Users and Identity Stores
 
Managing Internal Identity Stores
Password  Type Displays all configured external identity store names, along with Internal Users which is the 
default password type. You can choose any one identity store from the list. 
During user authentication, if an external identity store is configured for the user then 
internal identity store forwards the authentication request to the configured external 
identity store. 
If an external identity store is selected, you cannot...

    Page 147

    Page 147 1 Managing Users and Identity Stores Managing Internal Identity Stores 5.Click Submit. The user configuration is saved. The Internal Users page appears with the new configuration. Note: The Password Never Expired/Disabled option on the Creating Internal Users page overrides only the password lifetime settings configured on the System Administration > Users > Authentication Settings > Advanced page. This option does not override the account disablement settings due to date exceeds, days exceeds,... 
    1   
Managing Users and Identity Stores
Managing Internal Identity Stores
5.Click Submit.
The user configuration is saved. The Internal Users page appears with the new configuration.
Note: The Password Never Expired/Disabled option on the Creating Internal Users page overrides only the password lifetime 
settings configured on the System Administration > Users > Authentication Settings > Advanced page. This option does not 
override the account disablement settings due to date exceeds, days exceeds,...

    Page 148

    Page 148 1 Managing Users and Identity Stores Managing Internal Identity Stores The Internal Users page appears. 2.Check one or more check boxes next to the users you want to delete. 3.Click Delete. The following message appears: Are you sure you want to delete the selected item/items? 4.Click OK. The selected internal users are deleted. Related Topics Viewing and Performing Bulk Operations for Internal Identity Store Users, page 21 Creating Internal Users, page 13 Enable and Disable Password Hashing for... 
    1
Managing Users and Identity Stores
 
Managing Internal Identity Stores
The Internal Users page appears.
2.Check one or more check boxes next to the users you want to delete.
3.Click Delete.
The following message appears:
Are you sure you want to delete the selected item/items?
4.Click OK.
The selected internal users are deleted.
Related Topics
Viewing and Performing Bulk Operations for Internal Identity Store Users, page 21
Creating Internal Users, page 13
Enable and Disable Password Hashing for...

    Page 149

    Page 149 1 Managing Users and Identity Stores Managing Internal Identity Stores The Internal Users page appears with the list of available internal users. 2.Check the check box next to the user to whom you want to disable password hash and click Edit. 3.Uncheck the Enable Password Hash check box. 4.Click Submit. The Password hashing option is disabled for the selected internal user. Note: After disabling the Enable Password Hash option, you must change the user password immediately. 5.Check the check box next... 
    1   
Managing Users and Identity Stores
Managing Internal Identity Stores
The Internal Users page appears with the list of available internal users.
2.Check the check box next to the user to whom you want to disable password hash and click Edit.
3.Uncheck the Enable Password Hash check box.
4.Click Submit.
The Password hashing option is disabled for the selected internal user.
Note: After disabling the Enable Password Hash option, you must change the user password immediately.
5.Check the check box next...

    Page 150

    Page 150 2 Managing Users and Identity Stores Managing Internal Identity Stores Note: The Send Email for password expiry before n days check box is disabled if the password lifetime is not configured. 7.Click Submit. The password expiry reminder is configured now. The users will receive an email a day starting from the nth day before their password expires. The email has the following message: Dear User, Your password is going to expire on day, date month year at time UTC. We recommend that you reset your... 
    2
Managing Users and Identity Stores
 
Managing Internal Identity Stores
Note: The Send Email for password expiry before n days check box is disabled if the password lifetime is not configured.
7.Click Submit.
The password expiry reminder is configured now. The users will receive an email a day starting from the nth day before 
their password expires. The email has the following message:
Dear User, 
Your password is going to expire on day, date month year at time UTC. We recommend that you reset your...
    Start reading Cisco Acs 57 User Guide

    Related Manuals for Cisco Acs 57 User Guide

    All Cisco manuals