Appendix F RDBMS Synchronization Import Definitions
Action Codes
F-10
User Guide for Cisco Secure ACS for Windows Server
78-14696-01, Version 3.1
109
REMOVE_PASS_
STATUS
UN,V1
Remove a password status flag. This results in the status
states being linked in a logical XOR condition by the
CSAuth server. V1 should contain one of the following:
•
PASS_STATUS_EXPIRES—Password expires on a
given date.
•
PASS_STATUS_NEVER—Password never expires.
•
PASS_STATUS_WRONG—Password expires after
a given number of login attempts using the wrong
password
•
PASS_STATUS_DISABLED—The account has
been disabled.
110
ADD_PASS_
STATUS
UN, V1
Defines how a password should be expired by
Cisco Secure ACS. To set multiple password states for a
user, use multiple instances of this action. This results in
the status states being linked in a logical XOR condition
by the CSAuth server. V1 should contain one of the
following:
•
PASS_STATUS_EXPIRES—Password expires on a
given date.
•
PASS_STATUS_NEVER—Password never expires.
•
PASS_STATUS_WRONG—Password expires after
a given number of login attempts using the wrong
password.
•
PASS_STATUS_RIGHT—Password expires after a
given number of login attempts using the correct
password.
•
PASS_STATUS_DISABLED—The account has
been disabled.
112
SET_PASS_
EXPIRY_WRONG
UN,V1
Set the maximum number of bad authentications allowed
(automatic reset on good password if not exceeded) and
reset current count.
Table F-3
User Creation and Modification Action Codes (continued)
Action
Code
Name
Required
Description