cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1822
Views
6
Helpful
5
Replies

ACS 5.2 Edit Hosts File

dsmc
Level 1
Level 1

Is it possible to edit the hosts file on an ACS 1121 server running ACS 5.2? Our problem is we have a single domain with multiple domain controllers at different sites. So when the ACS server tries connecting to the domain it randomly picks a domain controller which it can't connect to thus causing it to fail. I found an other thread https://supportforums.cisco.com/thread/2024431 that has the same problem and was identified as an issue, but no more information on if it was resolved.

5 Replies 5

Nicolas Darchis
Cisco Employee
Cisco Employee

How about setting up a small DNS server on a PC in the ACS subnet that would return only the right SRV records of DCs that are available ?

How about creating a child domain to your domain with only accessible DCs ? If ACS joins that child domain it can authenticate anyone in the domain since there are trust relationships.

Those are workaround ideas.

The ACS server is on our management vlan and for security reasons can't have a DC on it. The child domain I don't think would work because we have a primary server with multiple secondary ACS servers that will be going to different sites. So all the secondary servers at the different sites would try to point to our DC at the main site which we want them going to their sites DC.

I didn't say you needed a DC on your management vlan.

Just turn on a PC with a DNS application on it. Configure the ACS to use that as DNS server. Voila !

The PC-DNS will give the ip addresses of the DCs you want in the domain.

Let's be clear, I never tried this but it sounds feasible to me no ?

I think that would work, but I just checked and was told we can't have a PC on the management vlan.

cmarsteller
Level 1
Level 1

My suggestion would be to use the internal router as an dns forwarder.. One problem is it violates the regulations to enable that.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: