Chapter 11
Working with User Databases
Result Codes
78-14696-01, Version 3.1
Table 11-5 CHAP/MS-CHAP/ARAP Stored Procedure Results (continued)
Field
Type
CSNTacctInfo
String
CSNTerrorString
String
CSNTpassword
String
The CSNTGroup and CSNTacctInfo fields are processed only after a successful
authentication. The CSNTerrorString file is logged only after a failure (if the
result is greater than or equal to 4).
The procedure must return the result fields in the order listed above.
You can set the result codes listed in
Table 11-6 Result Codes
Result Code
Meaning
0 (zero)
Authentication successful
1
Unknown username
2
Invalid password
3
Unknown username or invalid password
4+
Internal error—authentication not processed
The SQL procedure can decide among 1, 2, or 3 to indicate a failure, depending
on how much information you want the failed authentication log files to include.
Explanation
0-16 characters. A third-party defined string is
added to subsequent account log file entries.
0-255 characters. A third-party defined string
is written to the CSAuth service log file if an
error occurs.
0-255 characters. The password is
authenticated by Cisco Secure ACS for CHAP
authentication.
Table
11-6.
User Guide for Cisco Secure ACS for Windows Server
ODBC Database
11-49