04-14-2011 06:41 AM - edited 03-10-2019 05:59 PM
Is it possible to edit the hosts file on an ACS 1121 server running ACS 5.2? Our problem is we have a single domain with multiple domain controllers at different sites. So when the ACS server tries connecting to the domain it randomly picks a domain controller which it can't connect to thus causing it to fail. I found an other thread https://supportforums.cisco.com/thread/2024431 that has the same problem and was identified as an issue, but no more information on if it was resolved.
04-14-2011 10:11 AM
How about setting up a small DNS server on a PC in the ACS subnet that would return only the right SRV records of DCs that are available ?
How about creating a child domain to your domain with only accessible DCs ? If ACS joins that child domain it can authenticate anyone in the domain since there are trust relationships.
Those are workaround ideas.
04-14-2011 10:20 AM
The ACS server is on our management vlan and for security reasons can't have a DC on it. The child domain I don't think would work because we have a primary server with multiple secondary ACS servers that will be going to different sites. So all the secondary servers at the different sites would try to point to our DC at the main site which we want them going to their sites DC.
04-14-2011 10:26 AM
I didn't say you needed a DC on your management vlan.
Just turn on a PC with a DNS application on it. Configure the ACS to use that as DNS server. Voila !
The PC-DNS will give the ip addresses of the DCs you want in the domain.
Let's be clear, I never tried this but it sounds feasible to me no ?
04-14-2011 10:31 AM
I think that would work, but I just checked and was told we can't have a PC on the management vlan.
04-14-2011 10:32 AM
My suggestion would be to use the internal router as an dns forwarder.. One problem is it violates the regulations to enable that.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide