Chapter 13 User Databases
Windows User Database
13-12
User Guide for Cisco Secure ACS for Windows Server
78-16592-01
To determine the format of a username submitted for Windows authentication,
Cisco Secure ACS searches the username for the presence of the following two
special characters:
•
@ (the “at” character)
•
\ (the “backslash” character)
Based upon the presence and position of these two characters in the username,
Cisco Secure ACS determines username format as follows:
1.
If the username does not contain a “backslash” character
and
does not contain
an “at” character, Cisco Secure ACS considers the username to be
non-domain qualified. For example, the username
cyril.yang
is non-domain
qualified. For more information, see
Non-domain-qualified Usernames,
page 13-13
.
2.
If the username contains a “backslash” character that precedes any “at”
characters, Cisco Secure ACS considers the username to be domain qualified.
For example, Cisco Secure ACS considers the following usernames to be
domain qualified:
–
MAIN\cyril.yang
–
MAIN\cyril.yang@central-office
For more information, see
Domain-Qualified Usernames, page 13-14
.
3.
If the username contains an “at” character that is not preceded by a
“backslash” character, Cisco Secure ACS considers the username to be in
UPN format. For example, Cisco Secure ACS considers the following
usernames to be UPN usernames:
–
–
–
cyril.yang@main
–
cyril.yang@[email protected]
–
cyril.yang@main\example.com
For more information, see
UPN Usernames, page 13-14
.