|
Note: Make sure you have already followed the instructions on the Read Me First: CiscoSecure ACS 2.4 for Windows NT Server Getting Started card.
Caution If you have an earlier version of CiscoSecure ACS installed, back up your data to another machine before you install the new version. If you have any problems with the installation, run the Clean.exe file located on the CiscoSecure ACS CD-ROM as described in the readme file or release notes and re-run Setup. |
1. Log in as the local system administrator to the machine on which you are installing CiscoSecure ACS.
Note: A new remote administrator can be created remotely as long as the current remote administrator is given the Administrator's control right.
2. Insert the CiscoSecure ACS CD-ROM into your CD-ROM drive. The Installation window opens.
3. Click Install. The Software License Agreement window opens.
4. Read the Software License Agreement; click Accept to agree to the licensing terms and conditions. The Welcome window opens.
5. Click Next. The Before You Begin window opens.
6. Verify that each condition is met, then click the check box for each item. Click Next. (Click Explain for more information on the listed items. If any condition is not met, click Cancel to exit Setup.) If this is a new installation, skip to Step 9.
7. (Optional) If CiscoSecure ACS is already installed, the Previous Installation window opens. Setup asks if you want to remove the previous version and save the existing database information. To keep the existing data, click:
To use a new database, clear the check box.
Click Next. If you checked the check box, Setup backs up the existing configuration. Setup removes the old files. When the files are removed, click OK.
8. If Setup finds an existing configuration, it asks if you want to import the configuration. To keep the existing configuration, click:
To use a new configuration, clear the check box.
9. The Choose Destination Location window opens. To install the software in the default directory, click Next. To use a different directory, click Browse and enter the directory to use. If the directory does not exist, setup asks if you want to create it. Click Yes. The Authentication Database Configuration window opens.
10. Click the option button(s) for the authentication database(s) to be used by CiscoSecure:
Check the CiscoSecure ACS Database only (default)
Also check the Windows NT User Database
If you select the first option, CiscoSecure ACS will use only the CiscoSecure ACS database for authentication; if you select the second option, CiscoSecure ACS will check both databases.
11. (Optional) To limit dial-in access to only those users you specified in the Windows NT User Manager, click:
Yes, reference "Grant dialin permission to user" setting
Click Next. The Network Access Server Details window opens.
12. Complete the following information. (Review the Before You Start: CiscoSecure ACS 2.4 for Windows NT Server Getting Started quick reference card.)
Authenticate Users UsingType of security protocol to be used. TACACS+ (Cisco) is the default.
Access Server NameName of the NAS that will be using the CiscoSecure ACS services.
Access Server IP AddressIP address of the NAS that will be using the CiscoSecure ACS services.
Windows NT Server IP AddressIP address of this Windows NT server.
TACACS+ or RADIUS KeyShared secret of the NAS and CiscoSecure ACS. These passwords must be identical to ensure proper function and communication between the NAS and CiscoSecure ACS. Shared secrets are case sensitive.
Setup installs the CiscoSecure ACS files and updates the Registry.
13. Click Next. The Interface Configuration window opens. The Interface Configuration options are disabled by default. Click the check box to enable any or all of the options listed.
Note: Configuration options for these items are displayed in the CiscoSecure ACS interface only if they are enabled. You can disable or enable any or all of these and additional options after installation in the Interface Configuration: Advanced Options window.
14. Click Next. The Active Service Monitoring window opens. To enable the CiscoSecure ACS monitoring service, CSMon, check the Enable Log-in Monitoring check box, then select the script to execute when the login process fails the test:
You can also develop your own scripts to be executed if there is a system failure. See the Online Documentation for more information.
To have CiscoSecure ACS generate an e-mail message when administrator events occur, check the Enable Mail Notifications check box, then enter the following information:
SMTP Mail ServerEnter the name and domain of the sending mail server; for example, server1.company.com
Mail account to notifyEnter the complete e-mail address of the intended recipient; for example, msmith@company.com
15. Click Next. The CiscoSecure ACS Service Initiation window opens. If you do not want to configure a NAS from Setup, click Next. and skip to the "Completing Setup" section.
To configure a single NAS now, click:
Yes, I want to configure Cisco IOS now
1. If you selected Yes, I want to configure Cisco IOS now, the Enable Secret Password window opens. Enter an optional Enable Secret password that can be used in addition to the Enable password. Click Next. The Access Server Configuration window opens.
2. Click Next. The NAS Configuration window opens. Review the information in the scrolling window. This information is the minimum Cisco IOS AAA configuration requirement for the NAS.
3. Select one of the following options:
Click Telnet Now? to Telnet to the IP address that you entered in the NAS Details window. The NAS configuration is automatically copied to the clipboard and can be pasted directly into the NAS configuration file. See your Cisco IOS documentation for more information.
Click Print to make a copy of the sample configuration. Review the printed copy before you Telnet to the NAS.
Click Next to continue without configuring a NAS.
1. The CiscoSecure ACS Service Initiation window opens. Check one or more of the following options:
Yes, I want to start the CiscoSecure ACS Service now
Yes, I want Setup to launch the CiscoSecure ACS Administrator from my browser following installation
Yes, I want to view the readme file
2. Click Next. The Setup Complete window opens.
3. Click Finish. Installation of CiscoSecure ACS is complete. An icon labeled ACS Admin is created on the Windows NT desktop. This is a shortcut to the CiscoSecure ACS program associated with your browser. If you selected the "launch" option in Step 1, your browser launches and CiscoSecure ACS opens. If you selected the "readme" option in Step 1, the readme file opens.
To start CiscoSecure ACS, double-click the ACS Admin icon to launch a browser with the URL for ACS Admin, or enter:
http://IP address:2002
Posted: Tue Jan 21 02:30:34 PST 2003
All contents are Copyright © 1992--2002 Cisco Systems, Inc. All rights reserved.
Important Notices and Privacy Statement.