Filter
Top Products
8-75
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
Chapter 8 Managing Users and Identity Stores
Configuring Identity Store Sequences
Step 2 Do one of the following:
• Click Create.
• Check the check box next to the sequence that you want to duplicate, then click Duplicate.
• Click the sequence name that you want to modify, or check the check box next to the name and click
Edit.
The Identity Store Sequence Properties page appears as described in Table 8-22.
Table 8-22 Identity Store Sequence Properties Page
Option Description
General
Name Enter the name of the identity store sequence.
Description Enter a description of the identity store sequence.
Authentication Method List
Certificate Based Check this check box to use the certificate-based authentication method. If you choose this
option, you must enter the certificate authentication profile. Click Select to choose the profile
from a list of available profiles.
Password Based Check this check box to use the password-based authentication method. If you choose this
option, you must choose the set of identity stores that ACS will access one after another until a
match is found.
If you choose this option, you must select a list of identity stores in the Authentication and
Attribute Retrieval Search List area for ACS to access the identity stores one after another.
Authentication and Attribute Retrieval Search List
Note
This section appears only when you check the Password Based option.
Available Available set of identity stores to access.
Selected Selected set of identity stores to access in sequence until first authentication succeeds. Use the
Up and Down arrows at the right of the list to define the order of access.
ACS automatically retrieves attributes from identity stores that you selected for authentication.
You do not need to select the same identity stores for attribute retrieval.
Additional Attribute Retrieval Search List
Available Available set of additional identity stores for attribute retrieval.
Selected (Optional) The selected set of additional identity stores for attribute retrieval. Use the Up and
Down arrows at the right of the list to define the order of access.
ACS automatically retrieves attributes from identity stores that you selected for authentication.
You do not need to select the same identity stores for attribute retrieval.
Internal User/Host
If internal user/host is not
found or disabled then exit
the sequence and treat as
User Not Found
This option is applicable for the attribute phase and when the Internal Identity Store is in the
Attribute retrieval list.
ACS exists the sequence and treats it as User Not Found if this option is selected and the user
not found or is disabled.