Session policy, Session policy options – Cisco 3.3 User Manual
Page 482
Chapter 12 Administrators and Administrative Policy
Session Policy
12-16
User Guide for Cisco Secure ACS for Windows Server
78-16592-01
Session Policy
The Session Policy feature controls various aspects of Cisco Secure ACS
administrative sessions.
This section contains the following topics:
•
Session Policy Options, page 12-16
•
Setting Up Session Policy, page 12-17
Session Policy Options
You can configure the following options on the Session Policy Setup page:
•
Session idle timeout (minutes)—Defines the time in minutes that an
administrative session, local or remote, must remain idle before Cisco Secure
ACS terminates the connection. This parameter applies to the Cisco Secure
ACS administrative session in the browser only. It does not apply to an
administrative dial-up session.
An administrator whose administrative session is terminated receives a dialog
box asking whether or not the administrator wants to continue. If the
administrator chooses to continue, Cisco Secure ACS starts a new
administrative session.
•
Allow Automatic Local Login—Enables administrators to start an
administrative session without logging in if they are using a browser on the
computer running Cisco Secure ACS. Such administrative sessions are
conducted using a default administrator account named “local_login”. The
local_login administrator account has all privileges. Local administrative
sessions with automatic local login are recorded in the Administrative Audit
report under the local_login administrator name.
Note
If there are no administrator accounts defined, no administrator name
and password are required to access Cisco Secure ACS locally. This
prevents you from accidentally locking yourself out of Cisco Secure
ACS.