ACS Appliance with Multiple Windows Domains

chris.prewitt · ‎04-06-2005

Is there any documentation anywhere for configuring the ACS appliance for multiple Windows Domains. I have two different groups of AAA clients that should be accessing two different sets of Remote Agents. The Remote Agent groups are seperated by Windows domains. One is Windows 2000, the other Windows 2003.

a-vazquez · ‎04-12-2005

In answering to your question about if its possible to authenticate the users from multiple domains with a single ACS

server on one of those domains is possible, the answer if YES.

The requirement is that you have a 2-way trust with the domain where the ACS is installed in one of the member servers of that particular domain.

chris.prewitt · ‎04-12-2005

Does the trust have to be a forest to forest trust, or can it be a domain to domain non-transitive trust?

I have a Windows 2000 domain with several trusts working with ACS. We added a new non-transitive trust with a Windows 2003 domain, and authentication does not work for that domain.

dimitri.smit · ‎04-13-2005

Do you have any doco substantiating that a 2-way trust is required? [I have it working on a 2-way but would prefer a 1-way trust]

thanks

chris.prewitt · ‎04-18-2005

No document. I have found some forums online that people have said they have had problems with 1 way trusts. I haven't seen this issue personally, just what I read.