after changing ACS AD domain unable to display groups in new AD domain

yann.boulet · ‎02-15-2011

Hi,

I changed my ACS 5.2.0.26 from a joined active directory to a new active directory domain, everything is ok for the test because i can see in ACS :

Joined to Domain:.tp.group.local

Connectivity Status:CONNECTED

it means that ACS is connected to AD.

NTP time is also ok

but when I go in Directory groups to try to browse my groups I cannot see anything with or without filter.

If you can give me some help.

thank you

yann.boulet · ‎02-15-2011

I have just patch ACS to cumulative patch 2 and I still have some

problems but I saw in the know acs issues the following bug :

CSCtg49699

ACS 5 fails to join AD Domain.

Symptom: If ACS was configured with an AD domain, it will fail to rejoin the domain if there are any changes in the AD infrastructure, such as IP addresses of the AD servers.

Conditions: This problem occurs if you move the ACS from one domain to another domain without clearing the AD configuration page.

It also occurs when ACS is joined with a DC in the lab and then it is moved to the production environment on the same domain. ACS will not rejoin the live DC.

Workaround:

1. Clear the configuration of AD on ACS and the old DC should be reachable while clearing

2. Reconfigure the AD part and ACS will rejoin the domain.

3. Reset the ACS to factory defaults.

Make sure you still have the ACS license before doing that because after the reset, ACS will prompt you for the license

I will try this workaround so for me I have to reset to factory defaults my configuration