09-28-2008 06:29 AM - edited 03-10-2019 04:06 PM
hay
I want to ask you friend
I have AD window 2K3 service pack 1 and ACS 4.2 i think it is well to configure i can import all groupe window and the mapping but anyone user is not able to authenticates itself.
1)I believe that I need an agent?if yes give me the link for download.
if "no" help me sur.
09-30-2008 08:32 AM
Hi,
If I understand you correctly from your post, is that you have Win2k3 and ACS 4.2 configured as you see correct. You can map the local ACS groups to the appropriate AD groups but the users cannot login with their AD credentials. Is that correct? What are you trying to log into? Switches, wireless.....etc
There is no agent that you need to install but you need to make some changes on the AD side.
Did you follow this document?
Craig
HTH
10-02-2008 09:10 AM
thanks for your reply,
Yes it is corect,I want to log into my network because i use dot1x in my Switch.
if it is available give me the modification that I had to make on AD.
10-02-2008 11:55 AM
Hi,
Are you trying to do USER authentication or MACHINE authentication? I assume machine authentication but please confirm.
Craig
10-02-2008 01:27 PM
hi,
yes i try to do user athentication.
10-02-2008 01:54 PM
Hi
Have you configured a workstation in active directory with a name of CISCO?
If you navigate to external user database/database configuration/windows database on the ACS and scroll to the bottom of that screen you'll see a setting called "Windows Authentication Configuration" You'll see a "default "Cisco"" listed there. You need a workstation configured in active directory to match that of the ACS.
hth
Craig
10-03-2008 12:43 AM
hi,
no,I am going to test it then I inform you of the result.
thanks.
10-07-2008 11:17 AM
hi thanks it's work fine but:
if i try to connect in my domain with new account this message display "domain not found"
but not problem with old account.
for resolve this issue I had to connect to a port configured without dot1x.
help me please.
10-07-2008 12:30 PM
Hi,
You don't need dot1x if you are only doing USER authentication but I assume that you are looking to use machine authentication if you have dot1x configured.
Below is a document that should help you on your way.
HTH
Craig
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide