Re: [cisco-ttl] ACS Server Replication

From: Murat Yeneroglu (Murat.Yeneroglu_at_rt.net.tr)
Date: Tue Dec 02 2003 - 09:35:42 GMT

  • Next message: orbitasuat: "[cisco-ttl] Secure Vlan"

    Yeni kullanici yaratiyorsaniz yada herhangi bir sekilde DB ye disaridan
    mudahele ediyorsaniz,
    cs_trans_log a yaptiginiz islemi yazmalisiniz. cs_trans_log update suresini
    config dosyalarinda
    ayarlayabilirsiniz.5sn yada 60 sn olarak. Asagidaki yaziyi okumanizi tavsiye
    ederim.

    Iyi Calismalar,

    Murat Yeneroglu
    RT.NET
    0 212 288 78 58 /505

    PS: Bir kullaniciyi DB ye direkt ulasarak update ederken user_profile daki
    cycle_number i 1 arttirmalisiniz.

    update cs_user_profile set cycle_number = (select cycle_number+1 from
    cs_user_profile where user_name = 'denek12')

    http://www.cisco.com/en/US/products/sw/secursw/ps4911/products_user_guide_chapter09186a008015c5cc.html

    Profile Cache Update Data
    If profile caching is enabled on the CiscoSecure ACS, as it usually is,
    special tables and triggers to update the profile cache might need to be
    enabled if database replication, or some third party application is
    implemented that directly modifies the CiscoSecure profile database without
    using the CiscoSecure dbserver module.

      a.. The cs_trans_log table-Keeps track of profile data changes which are
    made outside of the CiscoSecure dbserver module. The information from this
    table is used by the dbserver to notify the ACS server to invalidate an
    outdated profile cache.
      b.. Profile cache update triggers-Can be attached to the cs_user_profile
    and cs_group_profile tables. When changes are made to those tables by
    processes operating outside the dbserver module, the triggers write a record
    of those changes to the cs_trans_log table.
    Profile cache update triggers are installed in the process of implementing
    Oracle or Sybase database replication. If database replication is not
    implemented, installation is optional, depending upon whether or not profile
    caching is enabled and whether the customer is modifying the CiscoSecure
    profile database directly through a third-party application.

    cs_trans_log
    The entries are inserted into this table by triggers associated with
    cs_user_profile or cs_group_profile.

    Table 20-8 cs_trans_log

                Column Description
                t_seq_id
               4-byte signed integer which uniquely identifies each transaction.
    For fast query, primary key is created on this column.

                t_profile_id
               Profile ID in 4-byte signed integer.

                t_profile_type
               2-byte signed integer to indicate the type of profile

                1: user profile, 2: group profile

                t_profile_name
               User or group profile name in variable length character column up
    to 255 bytes.

                t_profile_cycle
               Profile cycle number in 4-byte signed integer.

                t_action
               2-byte signed integer to indicate each transaction type

                1: CREATE, 2: UPDATE, 3: DELETE, 4: REPLACE

                t_timestamp
               Time and date when transaction occurred. Used by dbserver to
    purge old entries. Index is created on this column.

    ----- Original Message -----
    From: "Mehmet" <internetim_at_gmx.com.tr>
    To: <cisco-ttl_at_yahoogroups.com>
    Sent: Tuesday, December 02, 2003 11:28 AM
    Subject: [cisco-ttl] ACS Server Replication

    Merhabalar;
    Kurulu olan ACS server'im SQL database'inden user bilgisini alarak
    çalışıyor. Ancak SQL databasinde yarattığım bir user hemen
    ACS
    içerisinde
    görünmüyor. O user ile bir kez bağlandıktan sonra ACS
    içerinde
    görünüyor.
    Benim yapmak istediğim şey ACS server manuel yada belli
    aralıklarla
    SQL
    databesine baksın ve yeni userları alsın silinmiş
    olanları da kendi
    databasinden çıkarsın. Mümkün müdür böyle
    birşey. Bilgisi olan varsa
    ve
    paylaşırsa çok sevinirim.

    Mehmet

    Bu listenin Cisco Systems ile dogrudan herhangi bir baglantisi
    bulunmamaktadir.

    Listeden cikmak için cisco-ttl-unsubscribe_at_yahoogroups.com adresine bir
    e-posta gönderebilirsiniz.

    Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/

    ------------------------ Yahoo! Groups Sponsor ---------------------~-->
    Buy Ink Cartridges or Refill Kits for your HP, Epson, Canon or Lexmark
    Printer at MyInks.com. Free s/h on orders $50 or more to the US & Canada.
    http://www.c1tracking.com/l.asp?cid=5511
    http://us.click.yahoo.com/mOAaAA/3exGAA/qnsNAA/26EolB/TM
    ---------------------------------------------------------------------~->

    Bu listenin Cisco Systems ile dogrudan herhangi bir baglantisi bulunmamaktadir.

    Listeden cikmak için cisco-ttl-unsubscribe_at_yahoogroups.com adresine bir e-posta gönderebilirsiniz.

    Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/



    This archive was generated by hypermail 2.1.5 : Tue Dec 02 2003 - 16:18:15 GMT