Cisco 3.3 User Manual
Page 631
16-3
User Guide for Cisco Secure ACS for Windows Server
78-16592-01
Chapter 16 User Group Mapping and Specification
Group Mapping by External User Database
Additionally, users authenticated by an ODBC external user database can also be
assigned to a specified Cisco Secure ACS group. Group specification by ODBC
database authentication overrides group mapping. For more information about
specifying group membership for users authenticated with an ODBC database, see
Creating a Cisco Secure ACS Group Mapping for a Token Server,
ODBC Database, or LEAP Proxy RADIUS Server Database
To set or change a token server, ODBC, or LEAP Proxy RADIUS Server database
group mapping, follow these steps:
Step 1
In the navigation bar, click External User Databases.
Step 2
Click Database Group Mappings.
Step 3
Click the name of the token server, LEAP Proxy RADIUS Server, or ODBC
database configuration for which you want to configure a group mapping.
The Define Group Mapping table appears.
Step 4
From the Select a default group for database list, click the group to which users
authenticated with this database should be assigned.
Tip
The Select a default group for database list displays the number of users
assigned to each group.
Step 5
Click Submit.
Cisco Secure ACS assigns unknown and discovered users authenticated by the
external database type you selected in Step 3 to the Cisco Secure ACS group
selected in Step 4. For users authenticated by an ODBC, RADIUS token server,
or LEAP Proxy RADIUS Server database, the mapping is only applied as a default
if those databases did not specify a Cisco Secure ACS group for the user.