ACS & multiple Active directory

nikhilcherian · ‎05-20-2015

Does ACS support multiple active directory integration

Regards

Nikhil

nikhilcherian · ‎05-20-2015

I see there is an option to add only one domain name & can use mutual trust domains . Are there any limitations in using this.

Can I use any number of groups in the second domain as well.

How a user will be authenticated, when an incoming authentication request comes to the ACS. Does ACS check with first ACS, and fallback to the second ACS, if the user is not seen in the first ACS

Regards

Habib Ur-Rashid · ‎06-21-2015

I have one ACS and wants to integrate with 3 AD. is it possible in ACS 5.6?

nikhilcherian · ‎06-29-2015

ACS can be integrated with multiple AD, only if the AD have mutual trust between each other..

nspasov · ‎06-22-2015

Yes you can! However, one integration would have to be done via the AD connector and the other via the LDAP one.

https://supportforums.cisco.com/discussion/11203226/can-acs-support-multiple-active-directory-domains-8021x-eap-tls

With that being said, Cisco ISE, does have the option to fully join several domains. Have you explored that product?

Thank you for rating helpful posts!

Thank you for rating helpful posts!

nikhilcherian · ‎06-29-2015

I have tried with ISE, it is good.

Thanks for the suggestion. However I found that all the AD should have same time synchronized. This was making my configuration complicated

Regards

Nikhil