beautypg.com

Cisco 3.3 User Manual

Page 331

background image

9-3

User Guide for Cisco Secure ACS for Windows Server

78-16592-01

Chapter 9 System Configuration: Advanced

CiscoSecure Database Replication

IP pool definitions (for more information, see

About IP Pools Server,

page 9-44

).

Cisco Secure ACS certificate and private key files.

All external user database configurations, including Network Admission
Control (NAC) databases.

Unknown user group mapping configuration.

User-defined RADIUS dictionaries (for more information, see

Important

Implementation Considerations, page 9-7

).

Settings on the ACS Service Management page in the System Configuration
section.

All logging configurations.

RDBMS Synchronization settings.

Third-party software, such as Novell Requestor or RSA ACE client software.

With regard to database replication, we make the following distinctions about
Cisco Secure ACSes:

Primary Cisco Secure ACS—A Cisco Secure ACS that sends replicated
CiscoSecure database components to other Cisco Secure ACSes.

Secondary Cisco Secure ACS—A Cisco Secure ACS that receives
replicated CiscoSecure database components from a primary Cisco Secure
ACS. In the HTML interface, these are identified as replication partners.

A Cisco Secure ACS can be both a primary Cisco Secure ACS and a secondary
Cisco Secure ACS, provided that it is not configured to be a secondary
Cisco Secure ACS to a Cisco Secure ACS for which it performs as a primary
Cisco Secure ACS.

Note

Bidirectional replication, wherein an Cisco Secure ACS both sends database
components to and receives database components from the same remote
Cisco Secure ACS, is not supported. Replication fails if a Cisco Secure ACS is
configured to replicate to and from the same Cisco Secure ACS.

Note

All Cisco Secure ACSes involved in replication must run the same release of the
Cisco Secure ACS software. For example, if the primary Cisco Secure ACS is
running Cisco Secure ACS version 3.2, all secondary Cisco Secure ACSes should