Security Supervisors

ACS Security Supervisors are those individuals who can modify the contents of the ACS. That is, they can add Applications, Events, permissions, users, and CygNet Groups to the service. Keep in mind that being listed as an ACS Supervisor does not give one carte blanche security. The user still must be assigned authorization for the various Applications and Events.

A text file (Admin.sec) is used to designate the ACS Supervisors. They must be identified by their full Microsoft Windows login (domain\login). The list cannot include Active Directory users or groups.

Sample Admin.sec File

The Admin.sec file must reside in the ACS directory. You cannot change the file name or its storage location. If you change the contents of the Admin.sec file, the change will be picked up immediately by the service. You do not have to stop and restart it for the change to become effective.

It is highly recommend that you lock down access to the Admin.sec file using Windows file security.