Add statements – Cisco 3.3 User Manual

Appendix D CSUtil Database Utility

User and AAA Client Import Option

D-18

User Guide for Cisco Secure ACS for Windows Server

78-16592-01

ADD Statements

ADD statements are optional. Only the ADD token and its value are required to
add a user to Cisco Secure ACS. The valid tokens for ADD statements are listed
in

Table D-2

.

Note

CSUtil.exe provides no means to specify a particular instance of an external user
database type. If a user is to be authenticated by an external user database and
Cisco Secure ACS has multiple instances of the specified database type,
CSUtil.exe assigns the user to the first instance of that database type. For example,
if Cisco Secure ACS has two LDAP external user databases configured,
CSUtil.exe creates the user record and assigns the user to the LDAP database that
was added to Cisco Secure ACS first.

Table D-2

ADD Statement Tokens

Token

Required

Value
Required

Description

ADD

Yes

username

Add user information to Cisco Secure ACS. If the username
already exists, no information is changed.

PROFILE

No

group
number

Group number to which the user is assigned. This must be a
number from 0 to 499, not a name. If you do not use the
PROFILE token or fail to provide a group number, the user
is added to the default group.

CHAP

No

CHAP
password

Require a CHAP password for authentication.

CSDB

No

password

Authenticate the username with the CiscoSecure user
database.

CSDB_UNIX

No

UNIX-en
crypted
password

Authenticate the username with the CiscoSecure user
database, using a UNIX password format.

EXT_NT

No

—

Authenticate the username with a Windows external user
database.

EXT_NDS

No

—

Authenticate the username with a Novell NDS external user
database.