Table of ContentsRelease Notes for
CiscoSecure ACS 2.1(4) for Windows NT
Open Issues and Workarounds
HTML Interface Timeout with Netscape Communicator 4.01
Dragging Hyperlinks in Internet Explorer 3.02
Installing Internet Explorer 4.01 when CiscoSecure ACS 2.1(4) for Windows NT is Already Installed
Release Notes for
CiscoSecure ACS 2.1(4) for Windows NT
These release notes describe important corrections and additions to the online documentation, additions and enhancements to the CiscoSecure ACS 2.1(4) for Windows NT software, issues closed with this release, and open issues and workarounds. Please review this information before proceeding with your installation or upgrade. This document should be used in conjunction with the CiscoSecure ACS 2.1 for Windows NT Server User Guide.
Cisco documentation and additional literature are available in a CD-ROM package, which ships with your product. The Documentation CD-ROM, a member of the Cisco Connection Family, is updated monthly. Therefore, it might be more current than printed documentation. To order additional copies of the Documentation CD-ROM, contact your local sales representative or call customer service. The CD-ROM package is available as a single package or as an annual subscription. You can also access Cisco documentation on the World Wide Web at http://www.cisco.com, http://www-china.cisco.com, or http://www-europe.cisco.com.
If you are reading Cisco product documentation on the World Wide Web, you can submit comments electronically. Click Feedback in the toolbar and select Documentation. After you complete the form, click Submit to send it to Cisco. We appreciate your comments.
The following topics are discussed:
- Corrections on page 2
- Additions on page 2
- Closed Issues on page 3
- Enhancements on page 3
- Open Issues and Workarounds on page 3
- Cisco Connection Online on page 4
In the CiscoSecure ACS 2.1 for Windows NT Server User Guide, in the chapter "CiscoSecure ACS Database Utilities" in the section "Database Import Utility: Creating the Text File," the example for Windows NT Database authentication should read:
The third line in the example import text file should also read:
Before you install CiscoSecure ACS 2.1(4) for Windows NT, make sure all other applications and windows are closed.
If you are using Security Dynamics' SDI for token authentication, we recommend that you upgrade to version 4.1 of the SDI ACE Client software. Earlier versions of the SDI utility that tests client-server connectivity will not operate with CiscoSecure ACS 2.1(4) for Windows NT.
If a message displays during installation stating that "The ODBC resource DLL (filename) is a different version than the ODBC (file type and name)," follow these steps:
Step 1 Exit the installation program.
Step 2 Run the odbcdmin.exe file that is located in the SUPPORT\ODBC directory on the CiscoSecure ACS CD-ROM. Installing the odbcdmin.exe file will install the ODBC 3.0 components.
Step 3 When you have finished installing these ODBC components, click SETUP.EXE in the root directory of the CD-ROM to restart installation of CiscoSecure ACS.
If you get an error message during installation indicating that installation has failed, follow these steps:
Step 1 Go to the Windows Control Panel Add/Remove Programs window and select CiscoSecure ACS 2.1 for Windows NT.
Step 2 Click Uninstall.
Step 3 When you have finished uninstalling, click SETUP.EXE in the root directory of the CD-ROM to restart installation of CiscoSecure ACS.
If Uninstall terminated abnormally or if installation still fails, follow these steps:
Step 1 Go to the SUPPORT\CLEAN directory and run CLEAN.EXE. This will uninstall CiscoSecure ACS 2.1 completely and clean up certain statements from the Windows NT Registry that prevent installation of CiscoSecure ACS 2.1.
Step 2 When you have finished running CLEAN.EXE, click SETUP.EXE in the root directory of the CD-ROM to restart installation of CiscoSecure ACS.
The following DDTS cases were closed with this release:
- CSRADIUS VSACorrected RADIUS AV-Pair truncation. [CSCdj87963]
- Usernames with leading/trailing spacesCiscoSecure ACS 2.1(4) for Windows NT no longer accepts leading/trailing spaces in usernames. [CSCdk03472]
- Windows NT ShutdownCSAuth now handles the Windows NT shutdown event correctly. [CSCdj87755]
- TACACS+ Dr. WatsonTACACS+ now operates correctly with usernames longer than 64 characters.
- Windows NT SDI Alphanumeric logicCorrected logic for accepting alphanumeric PINs in SDI logins. [CSCdj93487]
- Replication failure inconsistencyFixes intermittent connection failure during replication. [CSCdk10423]
- Crypto API errors detected in CSAuth after Internet Explorer 4.01 InstallationFixes application startup errors after Internet Explorer 4.01 installation. [CSCdk02755]
- CSAuth ERROR condition to NASCiscoSecure ACS 2.1(4) for Windows NT no longer replies to the NAS if CSAuth is down. [CSCdj92590]
- Replication with RX/TX settingsReplication no longer requires the Send and Receive boxes to be checked. [CSCdj82203]
- Windows NT SDI Multi-Threaded ClientAdded support for multi-threaded client. [CSCdk10431]
- Wait in CSauth for Windows NT authen.dllWait state was introduced in CSAuth startup for the Windows NT authentication. [CSCdk09751]
- Incorrect TACACS+ daemon statusCorrect TACACS+ daemon status is now returned to NAS using single-TCP connection. [CSCdk10463]
- CSAdmin state 20 in Windows NT Event ViewerCosmetic change. [CSCdk09766]
The following enhancements were made with this release:
- Group assignment corruptionUser/group assignment is now handled correctly by CSutil.
- ODBC-single threadODBC threads = 1 (previously was a .reg patch). Set the Access Database engine to single thread mode.
- Windows NT SDI GrammarCorrected grammar in the New-Pin mode prompt.
When performing Authentication Forwarding and Windows NT authentication with Windows dial-up networking, CiscoSecure ACS does not strip character strings located in the middle of usernames. For example, if the user ID is corporation@user1 and the domain is DOMAIN01, the authentication package is read as DOMAIN01\corporation@user1. CiscoSecure ACS does not strip "corporation." The workaround is to place the character string to be stripped at the end of the user ID. [CSCdj67375]
With Netscape Communicator 4.01, when the HTML interface times out, a Java reconnect dialog box opens. Clicking OK does not re-establish the session. The workaround is either to log in again or to use a different version of the browser. [CSCdj62066]
With Internet Explorer 3.02, when you drag any of the hyperlinks, the navigation bar is hidden, and an Internet Explorer message window opens. The workaround is either to use the browser's Back button or to use a different version of the browser. [CSCdj63814]
If CiscoSecure ACS 2.1(4) for Windows NT is installed and you then install Internet Explorer 4.01, you must restart the system before CiscoSecure ACS services will start. [CSCdk12995]
Cisco Connection Online (CCO) is Cisco Systems' primary, real-time support channel. Maintenance customers and partners can self-register on CCO to obtain additional information and services.
Available 24 hours a day, 7 days a week, CCO provides a wealth of standard and value-added services to Cisco's customers and business partners. CCO services include product information, product documentation, software updates, release notes, technical tips, the Bug Navigator, configuration notes, brochures, descriptions of service offerings, and download access to public and authorized files.
CCO serves a wide variety of users through two interfaces that are updated and enhanced simultaneously: a character-based version and a multimedia version that resides on the World Wide Web (WWW). The character-based CCO supports Zmodem, Kermit, Xmodem, FTP, and Internet e-mail, and it is excellent for quick access to information over lower bandwidths. The WWW version of CCO provides richly formatted documents with photographs, figures, graphics, and video, as well as hyperlinks to related information.
You can access CCO in the following ways:
- WWW: http://www.cisco.com
- WWW: http://www-europe.cisco.com
- WWW: http://www-china.cisco.com
- Telnet: cco.cisco.com
- Modem: From North America, 408 526-8070; from Europe, 33 1 64 46 40 82. Use the following terminal settings: VT100 emulation; databits: 8; parity: none; stop bits: 1; and connection rates up to 28.8 kbps.
For a copy of CCO's Frequently Asked Questions (FAQ), contact email@example.com. For additional information, contact firstname.lastname@example.org.
Note If you are a network administrator and need personal technical assistance with a Cisco product that is under warranty or covered by a maintenance contract, contact Cisco's Technical Assistance Center (TAC) at 800 553-2447, 408 526-7209, or email@example.com. To obtain general information about Cisco Systems, Cisco products, or upgrades, contact 800 553-6387, 408 526-7208, or firstname.lastname@example.org.