ACS 5.5 and Windows 2012 AD support

g.peart
Level 1

Hi All,

Previously I had two AD domains based on 2008 and had machines in one domain and users in another domain, and the condition statement "Was machine authenticated=True" worked fine when doing EAP-TLS machine then user authentication.

I have now upgraded the machine's domain to 2012, and machine authentication works fine and user authentication also works, but when you put the two together and enable "Was machine authenticated=True", the ACS errors out when doing user authentication with the message "ACS unable to find previous successful machine authentication" even though machine authentication was successful. I have tried with ACS being a member of both 2008 and 2012 domains at each stage.

The clients are all Windows 8.1.

Has anyone encountered this scenario before?

TIA

1 Reply

Naveen Kumar
Level 4

I would like to share a good troubleshooting guide for ACS 5.X and later. Please have a look:

http://www.cisco.com/c/en/us/support/docs/security/secure-access-control-system/113485-acs5x-tshoot.html
