05-19-2010 04:59 PM - edited 03-10-2019 05:08 PM
Hi,
I have acs 5.0 and i am trying to get this with AD but when i do the test connection i have a log that say CLock skew.
I have the acs with ntp and zonetime but AD does not have ntp but the clock its almost the same. People that manage AD does not want to syncrhonize with ntp without true reason because documentation says that acs and ad should be on the same ntp but not must.
AD must have ntp?
Regards.
05-19-2010 06:22 PM
The error message you are getting is no doubtly due to time syncronization. ACS 5.1 has to be configured with a valid NTP server for time synchronization, preferably from where the domain controller is syncing its time but AD should be configured with NTP for time syncronization. It won'y work if you manually set the clock even though its correctly setup. Another one is a valid DNS server which can resolve internal names.
Both of them will be configured from the CLI:
http://www.cisco.com/en/US/partner/docs/net_mgmt/cisco_secure_access_control_system/5.1/command/reference/cli_use.html#wp1096003
HTH
JK
Do rate helpul posts-
07-15-2010 02:20 PM
Hi,
It is working w/o NTP only i had to configure the same clock timezone.
But thanks for all.
Regards
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide