Windows NT/2000 User Database
What's Supported with Windows NT/2000 User Databases
User Guide for Cisco Secure ACS for Windows Server
11-8
Cisco Secure ACS supports the use of Windows external user databases for the
following features:
•
Authentication—Cisco Secure ACS supports ASCII, PAP, MS-CHAP
(versions 1 and 2), LEAP, and PEAP(EAP-GTC) authentication with
Windows NT 4.0 Security Accounts Manager (SAM) database or a Windows
2000 Active Directory database. Cisco Secure ACS also supports EAP-TLS
authentication with a Windows 2000 Active Directory database. Other
authentication protocols are not supported with Windows NT/2000 external
user databases.
Authentication protocols not supported with Windows NT/2000
Note
external user databases may be supported by a different external user
database. For more information about authentication protocols and
the external database types that support them, see
Protocol-Database Compatibility, page
Group Mapping for Unknown Users—Cisco Secure ACS supports group
•
mapping for unknown users by requesting group membership information
from Windows user databases. For more information about group mapping
for users authenticated with a Windows user database, see
Group Set Membership, page
•
Password-Aging—Cisco Secure ACS supports password aging for users
authenticated by a Windows user database. For more information, see
User-Changeable Passwords with Windows NT/2000 User Databases,
page
11-13.
Dial-in Permissions—Cisco Secure ACS supports use of dial-in permissions
•
from Windows user databases. For more information, see
Authenticating with Windows NT/2000, page
Callback Settings—Cisco Secure ACS supports use of callback settings
•
from Windows user databases. For information about configuring
Cisco Secure ACS to use Windows callback settings, see
Callback Option, page
Chapter 11
12-14.
7-10.
Working with User Databases
Authentication
1-9.
Group Mapping by
Preparing Users for
11-14.
Setting User
78-14696-01, Version 3.1