07-02-2012 02:50 PM - last edited on 03-25-2019 05:28 PM by ciscomoderator
Hello,
I noticed a strange behaviour on an ACS 5.3 server regarding the Active Directory connection: The ACS is connected to the domain, the connection is established and rule-matching against the AD works fine. But when I hit the "test connection" button on the Active Directory configuration page, I get the error message "Could not resolve hostname".
I'm curious what the "problem" here could be. DNS settings are correct, I can ping and resolve hostnames on the CLI. The server is synchronized with an internal NTP source. I avoided hostnames in the ACS configuration, everything is just IP addresses, and a specific domain controller is not in the configuration - I just configured the FQDN of the Active Directory. So what hostname does the ACS try to resolve when I start the connection test?
It is just a minor issue, but any help or hint would be highly appreciated! Thank you!
Regards
Dennis
07-02-2012 02:53 PM
Dennis,
You need dns resolution for the domain that ACS joins to along with the DNS resolution (both forward and reverse) of the ACS' hostname also.
thanks,
Tarik Admani
07-03-2012 05:33 AM
Hi Tarik, thanks for your feedback.
I checked the DNS records, there are records for the domain as well as for the primary ACS (forward and reverse). This is an ACS cluster, and I noticed that for the secondary ACS, we only have a forward record, no reverse-lookup record.
I will add the PTR-record for the secondary ACS, check the connection test and come back to you with some feedback.
07-03-2012 09:39 AM
Just like Tarik said, check DNS.
Also make sure the DNS IP is correctly configured under the ACS box.
Amjad
Sent from Cisco Technical Support iPad App
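Added example, not part of any post in this thread: a small audit of forward and reverse DNS for each node of a cluster, the check the replies above ask for. The hostnames, addresses and the `SAMPLE_*` records are constructed for illustration; by default the functions use the system resolver.

```python
import socket

def system_forward(name):
    """IPv4 addresses the system resolver returns for name (empty set if none)."""
    try:
        return {ai[4][0] for ai in socket.getaddrinfo(name, None, socket.AF_INET)}
    except socket.gaierror:
        return set()

def system_reverse(ip):
    """Hostname from the PTR record for ip, or None when there is no PTR."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except (socket.herror, socket.gaierror):
        return None

def audit(hosts, forward=system_forward, reverse=system_reverse):
    """Return {host: status}; status is 'ok' only when every A record
    has a PTR record that points back to the same hostname."""
    report = {}
    for host in hosts:
        ips = forward(host)
        if not ips:
            report[host] = "no A record"
            continue
        problems = []
        for ip in sorted(ips):
            ptr = reverse(ip)
            if ptr is None:
                problems.append(f"{ip}: no PTR record")
            elif ptr.rstrip(".").lower() != host.rstrip(".").lower():
                problems.append(f"{ip}: PTR is {ptr}, expected {host}")
        report[host] = "; ".join(problems) or "ok"
    return report

# Constructed records: the primary has A and PTR, the secondary only an A record.
SAMPLE_A = {"acs1.example.test": {"192.0.2.10"}, "acs2.example.test": {"192.0.2.11"}}
SAMPLE_PTR = {"192.0.2.10": "acs1.example.test"}

def sample_audit(hosts=("acs1.example.test", "acs2.example.test")):
    """Run the audit against the constructed records instead of live DNS."""
    return audit(hosts, forward=lambda n: SAMPLE_A.get(n, set()),
                 reverse=SAMPLE_PTR.get)

if __name__ == "__main__":
    for host, status in sample_audit().items():
        print(f"{host}: {status}")
```

Calling `audit([...])` with real node names and no other arguments runs the same check against the resolver configured on the machine.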