Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2035
Views
0
Helpful
3
Replies

ACS 4.2 Remote agent compatibility issues.

Go to solution
Sundeep Dsouza
Level 1
Level 1

‎05-08-2012 10:30 PM - edited ‎03-10-2019 07:04 PM

I have been doing a bit of reading on the ACS 4.2 remote agent compatibility with Windows 2008 R2, and it seems like the only way out is to upgrade the ACS to 5.2. We have Cisco ACS 4.2 SE and I would want someone to confirm that what if I install the Remote agent on a Windows 2003 member server instead of the 2008 R2 DC. Will such a scenario work?

Feedback is appreciated.

Regards

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
mauzamor
Level 1
Level 1
In response to Sundeep Dsouza

‎05-11-2012 10:46 AM

Yes, here is this one which has a bug documented with this information CSCtg37183 :

http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCtg37183

Extracted from previous link:

ACS 4.x doesn't support 2008 R2 Server for AD.


Symptom:

ACS 4.x does not support authentication to a backend 2008 R2 Active Directory server.

Conditions:

ACS 4.x
Windows Server 2008 R2 installed on Domain Controller
ACS or remote agent installed on any member server in the environment (even if the server is 2003/2008)

Workaround:

Install the ACS or Remote Agent on a 2003/2008 domain controller

Cisco doesn't support this scenario because sometimes work fine other doesn't work at all, so nobody wants an unstable network right, unfortunately the workaround doesn't help much. Although there is an ACS 5.2 trial version that you can test, let me know so I can get you the links.

View solution in original post

0 Helpful
3 Replies 3

Go to solution
mauzamor
Level 1
Level 1

‎05-11-2012 09:58 AM

Hi Sundeep,

The situation with 2008 R2 is the following, unfortunately this specific OS is not supported for installation/authentication for ACS/Remote Agents below the code 5.2.0.26

So this means that you cannot install the RA in the Windows server 2008 R2, also means that if the Domain Controllers are running 2008 R2 the authention will fail. (Actually you will face random situations, sometimes will work other times will fail).

In your case you are wondering if installing the RA in a Windows server 2003 will work, the installation will work fine, but the authentication no.

Let me know if I can clarify something else for you about this just let me know.

0 Helpful

Go to solution
Sundeep Dsouza
Level 1
Level 1
In response to mauzamor

‎05-11-2012 10:18 AM

Actually AD authentication is working perfectly fine at the moment. We have a 2008 R2 domain controllers and the agent is installed on a Windows 2003 member server. However as you mentioned, this might or might not work occasionally.

Can you point me to a Cisco doc stating that agent on a 2003 Windows member server running in 2008 R2 domain is not recommended?

Regards and thanks.

0 Helpful

Go to solution
mauzamor
Level 1
Level 1
In response to Sundeep Dsouza

‎05-11-2012 10:46 AM

Yes, here is this one which has a bug documented with this information CSCtg37183 :

http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCtg37183

Extracted from previous link:

ACS 4.x doesn't support 2008 R2 Server for AD.


Symptom:

ACS 4.x does not support authentication to a backend 2008 R2 Active Directory server.

Conditions:

ACS 4.x
Windows Server 2008 R2 installed on Domain Controller
ACS or remote agent installed on any member server in the environment (even if the server is 2003/2008)

Workaround:

Install the ACS or Remote Agent on a 2003/2008 domain controller

Cisco doesn't support this scenario because sometimes work fine other doesn't work at all, so nobody wants an unstable network right, unfortunately the workaround doesn't help much. Although there is an ACS 5.2 trial version that you can test, let me know so I can get you the links.

0 Helpful
Customers Also Viewed These Support Documents