Table of Contents
Advertisement
User-Defined RADIUS Vendors and VSA Sets
Attribute Definition
Table E-9
Attribute Definition Keys
Keys
Required
Type
Yes
Profile Yes
Cisco Secure ACS 3.0 for Windows 2000/NT Servers User Guide
E-34
Each RADIUS vendor/VSA import file must have one attribute definition section
for each attribute defined in the vendor and VSA set section. The section header
of each attribute definition section must match the attribute name defined for that
attribute in the vendor and VSA set section.
attribute definition section.
Value Required
Description
See Description. The data type of the attribute. It must be one of the
following:
STRING
INTEGER
IPADDR
If the attribute is an integer, the Enums key is valid.
See Description. The attribute profile defines if the attribute is used for
authorization or accounting (or both). At least one of the
following two values must be present in the Profile key
definition:
IN—The attribute is used for accounting. After you add the
attribute to Cisco Secure ACS, you can configure your
RADIUS accounting log to record the new attribute. For
more information about RADIUS accounting logs, see the
"RADIUS Accounting Log" section on page
OUT—The attribute is used for authorization.
In addition, you can use the value "MULTI" to allow several
instances of the attribute per RADIUS message.
Combinations are valid. For example:
Profile=MULTI OUT
or
Profile=IN OUT
Appendix E
Cisco Secure ACS Command-Line Database Utility
Table E-9
lists the valid keys for an
9-7.
78-13751-01, Version 3.0
Advertisement
Table of Contents
Troubleshooting
