Home > Cisco > Control System > Cisco Acs 5x User Guide

Cisco Acs 5x User Guide

Add to Favourites
    Download as PDF

    Here you can view all the pages of manual Cisco Acs 5x User Guide. The Cisco manuals for Control System are available online for free. You can easily download all the documents as PDF.

    Overview View all the pages Comments

    Page 161

    Page 161 8-9 User Guide for Cisco Secure Access Control System 5.3 OL-24201-01 Chapter 8 Managing Users and Identity Stores Managing Internal Identity Stores In ACS 5.3, you can configure identity attributes that are used within your policies, in this order: 1.Define an identity attribute (using the user dictionary). 2.Define custom conditions to be used in a policy. 3.Populate values for each user in the internal database. 4.Define rules based on this condition. As you become more familiar with ACS 5.3... 
    8-9
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
Chapter 8      Managing Users and Identity Stores
  Managing Internal Identity Stores
In ACS 5.3, you can configure identity attributes that are used within your policies, in this order:
1.Define an identity attribute (using the user dictionary). 
2.Define custom conditions to be used in a policy.
3.Populate values for each user in the internal database.
4.Define rules based on this condition.
As you become more familiar with ACS 5.3...

    Page 162

    Page 162 8-10 User Guide for Cisco Secure Access Control System 5.3 OL-24201-01 Chapter 8 Managing Users and Identity Stores Managing Internal Identity Stores Step 3In the Advanced tab, enter the values for the criteria that you want to configure for your user authentication process. Ta b l e 8 - 3 describes the fields in the Advanced tab. Password may not contain the username Whether the password may contain the username or reverse username. Password may not contain ‘cisco’ Check to specify that the... 
    8-10
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
Chapter 8      Managing Users and Identity Stores
  Managing Internal Identity Stores
Step 3In the Advanced tab, enter the values for the criteria that you want to configure for your user 
authentication process. Ta b l e 8 - 3 describes the fields in the Advanced tab. Password may not contain the username  Whether the password may contain the username or reverse username.
Password may not contain ‘cisco’ Check to specify that the...

    Page 163

    Page 163 8-11 User Guide for Cisco Secure Access Control System 5.3 OL-24201-01 Chapter 8 Managing Users and Identity Stores Managing Internal Identity Stores Step 4Click Submit. The user password is configured with the defined criteria. These criteria will apply only for future logins. NoteACS supports any character as passwords and shared secrets that can be represented using UTF-8 encoding. NoteIf one of the users gets disabled, the Failed Attempt Count value needs to be reconfigures multiple times.... 
    8-11
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
Chapter 8      Managing Users and Identity Stores
  Managing Internal Identity Stores
Step 4Click Submit.
The user password is configured with the defined criteria. These criteria will apply only for future logins.
NoteACS supports any character as passwords and shared secrets that can be represented using UTF-8 
encoding. 
NoteIf one of the users gets disabled, the Failed Attempt Count value needs to be reconfigures multiple times....

    Page 164

    Page 164 8-12 User Guide for Cisco Secure Access Control System 5.3 OL-24201-01 Chapter 8 Managing Users and Identity Stores Managing Internal Identity Stores Click the username that you want to modify, or check the check box next to the name and click Edit. Check the check box next to the user whose password you want to change, then click Change Password. The Change Password page appears. Step 3Complete the fields as described in Ta b l e 8 - 4 to change the internal user password. Click File Operations... 
    8-12
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
Chapter 8      Managing Users and Identity Stores
  Managing Internal Identity Stores
Click the username that you want to modify, or check the check box next to the name and click Edit.
Check the check box next to the user whose password you want to change, then click Change 
Password.
The Change Password page appears. 
Step 3Complete the fields as described in Ta b l e 8 - 4 to change the internal user password.
Click File Operations...

    Page 165

    Page 165 8-13 User Guide for Cisco Secure Access Control System 5.3 OL-24201-01 Chapter 8 Managing Users and Identity Stores Managing Internal Identity Stores Description (Optional) Description of the user. Identity Group Click Select to display the Identity Groups window. Choose an identity group and click OK to configure the user with a specific identity group. Password Information This section of the page appears only when you create an internal user. Password must contain at least 4 characters... 
    8-13
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
Chapter 8      Managing Users and Identity Stores
  Managing Internal Identity Stores
Description (Optional) Description of the user.
Identity Group Click Select to display the Identity Groups window. Choose an identity group and click 
OK to configure the user with a specific identity group.
Password Information
This section of the page appears only when you create an internal user.
Password must contain at least 4 characters...

    Page 166

    Page 166 8-14 User Guide for Cisco Secure Access Control System 5.3 OL-24201-01 Chapter 8 Managing Users and Identity Stores Managing Internal Identity Stores Step 5Click Submit. The user configuration is saved. The Internal Users page appears with the new configuration. Related Topics Configuring Authentication Settings for Users, page 8-9 Viewing and Performing Bulk Operations for Internal Identity Store Users, page 8-15 Deleting Users from Internal Identity Stores, page 8-14 Deleting Users from Internal... 
    8-14
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
Chapter 8      Managing Users and Identity Stores
  Managing Internal Identity Stores
Step 5Click Submit.
The user configuration is saved. The Internal Users page appears with the new configuration.
Related Topics
Configuring Authentication Settings for Users, page 8-9
Viewing and Performing Bulk Operations for Internal Identity Store Users, page 8-15
Deleting Users from Internal Identity Stores, page 8-14
Deleting Users from Internal...

    Page 167

    Page 167 8-15 User Guide for Cisco Secure Access Control System 5.3 OL-24201-01 Chapter 8 Managing Users and Identity Stores Managing Internal Identity Stores Step 4Click OK. The Internal Users page appears without the deleted users. Related Topics Viewing and Performing Bulk Operations for Internal Identity Store Users, page 8-15 Creating Internal Users, page 8-11 Viewing and Performing Bulk Operations for Internal Identity Store Users To view and perform bulk operations to internal identity store users:... 
    8-15
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
Chapter 8      Managing Users and Identity Stores
  Managing Internal Identity Stores
Step 4Click OK.
The Internal Users page appears without the deleted users.
Related Topics
Viewing and Performing Bulk Operations for Internal Identity Store Users, page 8-15
Creating Internal Users, page 8-11
Viewing and Performing Bulk Operations for Internal Identity Store Users
To view and perform bulk operations to internal identity store users:...

    Page 168

    Page 168 8-16 User Guide for Cisco Secure Access Control System 5.3 OL-24201-01 Chapter 8 Managing Users and Identity Stores Managing Internal Identity Stores Creating Hosts in Identity Stores To create, duplicate, or edit a MAC address and assign identity groups to internal hosts: Step 1Select Users and Identity Stores > Internal Identity Stores > Hosts. The Internal Hosts page appears, listing any configured internal hosts. Step 2Click Create. You can also: Check the check box next to the MAC address you... 
    8-16
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
Chapter 8      Managing Users and Identity Stores
  Managing Internal Identity Stores
Creating Hosts in Identity Stores
To create, duplicate, or edit a MAC address and assign identity groups to internal hosts:
Step 1Select Users and Identity Stores > Internal Identity Stores > Hosts.
The Internal Hosts page appears, listing any configured internal hosts.
Step 2Click Create. You can also:
Check the check box next to the MAC address you...

    Page 169

    Page 169 8-17 User Guide for Cisco Secure Access Control System 5.3 OL-24201-01 Chapter 8 Managing Users and Identity Stores Managing Internal Identity Stores Step 4Click Submit to save changes. The MAC address configuration is saved. The Internal MAC list page appears with the new configuration. NoteHosts with wildcards (supported formats) for MAC addresses are migrated from 4.x to 5.x. NoteYou can add wildcard for MAC address which allows the entire range of Organization Unique Identifier (OUI)... 
    8-17
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
Chapter 8      Managing Users and Identity Stores
  Managing Internal Identity Stores
Step 4Click Submit to save changes.
The MAC address configuration is saved. The Internal MAC list page appears with the new 
configuration.
NoteHosts with wildcards (supported formats) for MAC addresses are migrated from 4.x to 5.x. 
NoteYou can add wildcard for MAC address which allows the entire range of Organization Unique Identifier 
(OUI)...

    Page 170

    Page 170 8-18 User Guide for Cisco Secure Access Control System 5.3 OL-24201-01 Chapter 8 Managing Users and Identity Stores Managing Internal Identity Stores Deleting Internal Hosts To delete a MAC address: Step 1Select Users and Identity Stores > Internal Identity Stores > Hosts. The Internal MAC List page appears, with any configured MAC addresses listed. Step 2Check one or more of the check boxes next to the internal hosts you want to delete. Step 3Click Delete. The following message appears: Are you... 
    8-18
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
Chapter 8      Managing Users and Identity Stores
  Managing Internal Identity Stores
Deleting Internal Hosts
To delete a MAC address:
Step 1Select Users and Identity Stores > Internal Identity Stores > Hosts.
The Internal MAC List page appears, with any configured MAC addresses listed.
Step 2Check one or more of the check boxes next to the internal hosts you want to delete.
Step 3Click Delete.
The following message appears:
Are you...
    Start reading Cisco Acs 5x User Guide

    Related Manuals for Cisco Acs 5x User Guide

    All Cisco manuals